Perimeter Defense is Dead

Yet again, a critical vulnerability in commercial, high-end network equipment. This time, BIG-IP gear offers any hacker the ability to remotely access the management interface. The intruder doesn’t need authentication and can run any command. It’s rated a scary 9.8 (CRITICAL) on the CVSS scale, and it is being actively exploited.

If you still needed convincing that your network needs micro-segmenting or a zero-trust architecture, here is another piece of proof. This is not cheap consumer-grade gear. This is a highly reputable vendor of expensive equipment used by most large companies around the world. They can’t keep their devices secure, even though they are supposed to implement best practices in secure software development.

Depending on perimeter defense today is like being France in 1939 believing in the Maginot line. If you are a CIO, today would be a good day to chat with your network team about just how securely segmented your network is.   

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.