The Need to Address Ivanti's Failures: A Call for Accountability and Leadership in Cybersecurity
How a Leading Security Vendor Became a Case Study in Poor Crisis Management, and What It Means for the Industry, from the Challenges of Ripping and Replacing to More
As a CISO and the host of the CyberHub Podcast, I've spent years discussing the challenges facing cybersecurity leaders. One recurring theme is the critical role vendors play in safeguarding our organizations. We trust these vendors with some of our most sensitive systems and data, yet when they fail to secure their products, the consequences are catastrophic.
Ivanti is a prime example of a company that has repeatedly fallen short in its duty to protect its customers. In 2021, a critical Pulse Connect Secure vulnerability (CVE-2021-22893) was exploited by Chinese state-sponsored hackers, impacting U.S. federal agencies and exposing sensitive data, a breach that CISA later confirmed had gone undetected for months.
From zero-day vulnerabilities to data breaches, Ivanti's track record raises serious questions about accountability and leadership in the cybersecurity industry.
Ivanti's Zero-Day Vulnerabilities: A Timeline of Failure
Ivanti's challenges can be traced through a series of critical zero-day vulnerabilities that have plagued its products, particularly in Pulse Connect Secure and MobileIron, two widely used solutions in enterprise environments. These vulnerabilities have been exploited by state-sponsored threat actors and cybercriminals, causing widespread damage and raising serious questions about Ivanti's ability to secure its products.
Pulse Connect Secure Zero-Day Vulnerabilities
Pulse Connect Secure, a VPN solution used by governments, healthcare providers, and enterprises worldwide, has been a frequent target of attackers due to its critical vulnerabilities. Its widespread deployment in sensitive environments makes it a high-value target for attackers.
The VPN provides access to internal networks and often lacks strong segmentation controls, meaning that once it is compromised, attackers can move laterally through the network with minimal resistance. Notably:
CVE-2021-22893: A zero-day vulnerability in Pulse Connect Secure exploited by Chinese APT groups to gain unauthorized access to networks, allowing them to steal sensitive data and conduct espionage.