Ivanti Commits to Enhanced Security Measures Following Disclosure of 4 New Vulnerabilities

Ivanti Announces Security Overhaul Amid Fresh Set of Bugs In Connect Secure and Policy Secure Products

Ivanti CEO Jeff Abbott has announced a complete overhaul of the company’s security practices in response to a series of bug disclosures in its Ivanti Connect Secure and Policy Secure remote access products. This comes after Ivanti disclosed four new bugs this week, including high-severity vulnerabilities that pose a risk to customers.

In an open letter to customers, Abbott outlined a series of changes that Ivanti will implement in the coming months to enhance its security operating model. This includes a revamp of engineering, security, and vulnerability management processes, as well as the implementation of a new secure-by-design initiative for product development.

These changes aim to embed security into every stage of the software development life cycle and enhance internal vulnerability discovery and management processes. Additionally, Ivanti plans to increase incentives for third-party bug hunters and provide more resources to customers for finding vulnerability information.

Despite these commitments, some customers remain skeptical due to Ivanti’s recent security track record, which includes a total of 11 vulnerabilities disclosed since January. Security researcher Jake Williams notes that many Fortune 500 clients view Ivanti’s response as “too little, too late,” raising concerns about the security of Ivanti’s products.

The steady stream of bug disclosures has led to questions about the risk posed to Ivanti’s 40,000 customers worldwide. Some customers have expressed frustration, while competitors like Cisco have seized the opportunity to offer incentives to lure Ivanti VPN customers to their platforms.

Analyst Eric Parizo attributes some of Ivanti’s challenges to its history of acquisitions, resulting in uneven software quality. However, he sees Ivanti’s commitment to improving security processes as a positive step and suggests that indemnifying customers for damages from vulnerabilities could help restore confidence in the company.
