Ivanti Commits to Enhanced Security Measures Following Disclosure of 4 New Vulnerabilities

Resources
Ivanti Commits to Enhanced Security Measures Following Disclosure of 4 New Vulnerabilities

Published:

Written by: Staff Editor
spot_img

Ivanti Announces Security Overhaul Amid Fresh Set of Bugs In Connect Secure and Policy Secure Products

Ivanti CEO Jeff Abbott has announced a complete overhaul of the company’s security practices in response to a series of bug disclosures in its Ivanti Connect Secure and Policy Secure remote access products. This comes after Ivanti disclosed four new bugs this week, including high-severity vulnerabilities that pose a risk to customers.

In an open letter to customers, Abbott outlined a series of changes that Ivanti will implement in the coming months to enhance its security operating model. This includes a revamp of engineering, security, and vulnerability management processes, as well as the implementation of a new secure-by-design initiative for product development.

These changes aim to embed security into every stage of the software development life cycle and enhance internal vulnerability discovery and management processes. Additionally, Ivanti plans to increase incentives for third-party bug hunters and provide more resources to customers for finding vulnerability information.

Despite these commitments, some customers remain skeptical due to Ivanti’s recent security track record, which includes a total of 11 vulnerabilities disclosed since January. Security researcher Jake Williams notes that many Fortune 500 clients view Ivanti’s response as “too little, too late,” raising concerns about the security of Ivanti’s products.

The steady stream of bug disclosures has led to questions about the risk posed to Ivanti’s 40,000 customers worldwide. Some customers have expressed frustration, while competitors like Cisco have seized the opportunity to offer incentives to lure Ivanti VPN customers to their platforms.

Analyst Eric Parizo attributes some of Ivanti’s challenges to its history of acquisitions, resulting in uneven software quality. However, he sees Ivanti’s commitment to improving security processes as a positive step and suggests that indemnifying customers for damages from vulnerabilities could help restore confidence in the company.

spot_img

Related articles

Recent articles

NSW Government Prohibits Creation and Distribution of Explicit Deepfakes

Global
NSW Government Enacts Tough Laws Against Sexually Explicit Deepfakes The New South Wales (NSW) government has taken significant steps to combat the growing issue of...
Read more

CISA Alert: Malware Targeting Ivanti EPMM Identified

Dark Watch
Rising Cyber Threat: Insights from CISA's Malware Analysis Report The Cybersecurity and Infrastructure Security Agency (CISA) recently published a detailed Malware Analysis Report (MAR) that...
Read more

Preemptive Cybersecurity Set to Dominate IT Security Budgets, Replacing DR-Based Approaches by 2030

Regional
The Rise of Preemptive Cybersecurity Solutions By 2030, preemptive cybersecurity solutions are projected to make up 50% of IT security spending. This marks a significant...
Read more

MEICA Concludes Successful Event in Abu Dhabi

Knowledge Hub
MEICA 2025: Pioneering Innovation in Industrial Cybersecurity and Automation Successful Launch in Abu Dhabi The vibrant capital city of Abu Dhabi recently hosted the 6th Annual...
Read more
Sign up to the Newsletter and never miss out on the latest news!
Join the Cyber Warriors community and get Insider Tips & Tricks to defend your digital assets.

© Cyberwarriorsmiddleeast.com