Ivanti Commits to Enhanced Security Measures Following Disclosure of 4 New Vulnerabilities

Ivanti Announces Security Overhaul Amid Fresh Set of Bugs in Connect Secure and Policy Secure Products

Ivanti CEO Jeff Abbott has announced a complete overhaul of the company’s security practices in response to a series of bug disclosures in its Ivanti Connect Secure and Policy Secure remote access products. This comes after Ivanti disclosed four new bugs this week, including high-severity vulnerabilities that pose a risk to customers.

In an open letter to customers, Abbott outlined a series of changes that Ivanti will implement in the coming months to enhance its security operating model. This includes a revamp of engineering, security, and vulnerability management processes, as well as the implementation of a new secure-by-design initiative for product development.

These changes aim to embed security into every stage of the software development life cycle and enhance internal vulnerability discovery and management processes. Additionally, Ivanti plans to increase incentives for third-party bug hunters and provide more resources to customers for finding vulnerability information.

Despite these commitments, some customers remain skeptical due to Ivanti’s recent security track record, which includes a total of 11 vulnerabilities disclosed since January. Security researcher Jake Williams notes that many Fortune 500 clients view Ivanti’s response as “too little, too late,” raising concerns about the security of Ivanti’s products.

The steady stream of bug disclosures has led to questions about the risk posed to Ivanti’s 40,000 customers worldwide. Some customers have expressed frustration, while competitors like Cisco have seized the opportunity to offer incentives to lure Ivanti VPN customers to their platforms.

Analyst Eric Parizo attributes some of Ivanti’s challenges to its history of acquisitions, resulting in uneven software quality. However, he sees Ivanti’s commitment to improving security processes as a positive step and suggests that indemnifying customers for damages from vulnerabilities could help restore confidence in the company.
