Building Context with UEBA relationship graphs, using GraphML

sridhar-iyer
By Sridhar Iyer

May 2, 2024

Versa UEBA incorporates GraphML to generate insights and detect anomalies in user relationship graphs. Anomaly and behavior detections are just the first step. We then need to quickly pivot into building the forensics to inform response and remediation. This can involve determining the origination point of a malicious activity or an attack and building the scope and scale of a potential breach.

Versa Security Bulletin: Palo Alto Networks PAN-OS GlobalProtect Zero-Day Vulnerability under Active Exploitation

Versa Security Research Team
By Versa Security Research Team

April 19, 2024

CVEs: CVE-2024-3400; Summary Recently Palo Alto Networks announced a critical vulnerability in their PAN-OS software used in their GlobalProtect VPN Gateway, which is a feature in the PAN-OS Firewall. The discovery and public disclosure of the vulnerability and fixes timeline is currently as follows:  Volexity first discovered the PAN-OS attack on April 10, 2024 at one of its network security monitoring (NSM) customers, and on April 11, 2024 subsequently learnt that another NSM customer was compromised by the same threat actor.   Palo Alto Networks was then notified by Volexity that a zero-day vulnerability in its GlobalProtect Gateway was under active…

Data Defense in Depth: Unifying Data Protection and Zero Trust through SASE for Ultimate Data Protection with Versa Networks

In the rapidly evolving landscape of cyber threats, data protection has become a priority concern. Traditional security models are proving inadequate in the face of sophisticated attacks, leading organizations to seek out more dynamic and robust approaches to securing their data. The integration of Secure Access Service Edge (SASE) and Zero Trust architectures offers a promising approach to modern cybersecurity challenges. In this blog, we delve into how Versa Networks merges SASE and Zero Trust to ensure the protection of data in today’s landscape.

CyberRatings.org Recommends Versa Networks as a Top Tier Next Generation Firewall for Cloud Deployments

jon-taylor
By Jon Taylor
Director and Principal of Security, Versa Networks
April 3, 2024

Cloud security is mission critical especially in an environment where cyber threats have evolved in frequency and sophistication like never before making the need for highly efficient and robust cloud firewall solutions is undeniable. CyberRatings.org (CRO) is a cyber assessment firm focused on providing independent, objective ratings of security product efficacy based on real-world testing. They just finished a rigorous evaluation of eleven vendors in the Cloud Network Firewall space, including the Versa Next Generation Firewall (NGFW) for cloud deployments. This detailed analysis tested Cloud Firewall performance for key capabilities across: Routing and access control TLS/SSL functionality Stability and reliability…

Versa Security Bulletin: ConnectWise ScreenConnect Authentication Bypass and Path-Traversal Vulnerabilities

Versa Security Research Team
By Versa Security Research Team

March 8, 2024

CVEs: CVE-2024-1708; CVE-2024-1709 Summary On Feb. 13, 2024, ConnectWise was notified of two vulnerabilities in their remote access tool ScreenConnect. On Feb. 19, 2024, ConnectWise publicly disclosed two new high severity and critical vulnerabilities patched in its remote access tool ScreenConnect Version 23.9.8, with the following CVEs: CVE-2024-1708 Path-Traversal vulnerability (CWE-22) and CVE-2024-1709 Authentication Bypass vulnerability (CWE-288). These vulnerabilities can be exploited to deliver Remote Access Trojans (RATs), Ransomware, Cryptocurrency miners, Stealer malware and many others. CVE Description CVSSv3 Severity CVE-2024- 1709 (CWE-288) Authentication Bypass Using Alternate Path or Channel 10.0 Critical CVE-2024- 1708 (CWE-22) Improper Limitation of a Pathname to…

Versa Security Bulletin: Volt Typhoon Exploitation of N-Day and Zero-Day Vulnerabilities

Versa Security Research Team
By Versa Security Research Team

February 28, 2024

Summary This security bulletin focuses on understanding the sophisticated exploitation of critical n-day and zero-day vulnerabilities in VPN and other network devices by state-sponsored threat actors, reinforcing the urgency for organizations to prioritize patching vulnerabilities in appliances known to be targeted. The recent exploitation of the critical FortiOS vulnerability followed a disclosure by CISA and other federal agencies revealing that China-linked threat group Volt Typhoon has been known to exploit network appliances from several vendors including Fortinet. Fortinet released a blog post to coincide with the U.S. agencies’ advisory, which pointed to “the need for organizations to have a robust…

Securing IoT Devices on Mobile Networks

rahul-vaiyda
By Rahul Vaidya
Director, Product Management
February 22, 2024

Securing the over three billion IoT devices globally connected to corporate systems via mobile networks presents a formidable and growing challenge for organizations worldwide. Driven by the adoption of newer IoT-specific cell technologies like LTE-M, NB-IoT, and LTE-Cat 1, along with a boom in 5G module shipments as older 2G and 3G modules are phased out, the number of cell-connected IoT devices is growing 27 percent a year, taking market share from Wi-Fi and Bluetooth connections. My recent collaboration with the network and security team of one of our industrial customers provided a front-row seat to the complexities of safeguarding…

Private SASE – For Those Who Need to Build Their Own!

anuj
By Anuj Dutia

February 15, 2024

Introduction: Interest in SASE has exploded with CIOs and CISOs alike. The promise of dramatic cost reductions, security improvements and improved agility delivered by a converged networking (SD-WAN) and security (SSE) infrastructure is compelling. However, today’s SASE solutions are commonly delivered on a shared global infrastructure of PoPs provisioned by a handful of technology vendors. This approach doesn’t always meet everyone’s requirements. A “shared” SASE approach is generally good enough for many companies, delivering unified networking and security capabilities with fast time to market and cloud/SaaS economics. But because these shared services lack any ability to control and manage service…

Versa Security Bulletin: Multiple Vulnerabilities Affecting Ivanti Connect Secure and Ivanti Policy Secure

Versa Security Research Team
By Versa Security Research Team

February 7, 2024

CVEs: CVE-2023-46805, CVE-2024-21887, CVE-2024-21888, CVE-2024-21893 Summary Recently, Ivanti Connect Secure appliances have faced active exploitation through a series of linked vulnerabilities of high or critical severity. On January 10, 2024, Ivanti disclosed two new vulnerabilities in its Ivanti Connect Secure and Ivanti Policy Secure gateways: CVE-2023-46805 (high severity authentication bypass vulnerability) and CVE-2024-21887 (critical severity command injection vulnerability).

To 100G and Beyond: The Next Frontier for SASE

rajoo
By Rajoo Nagar

January 24, 2024

To 100G and Beyond: The Next Frontier for SASE In the ever-evolving landscape of enterprise networking and security, a significant transformation is underway. Siloed, point product infrastructures are giving way to a Secure Access Service Edge (SASE) approach, driven by the rapid adoption of cloud technologies, the increased reliance on collaboration tools, and the emergence of hybrid work models.


Topics





Recent Posts








Top Tags


Gartner Research Report

2023 Gartner® Critical Capabilities for SD-WAN

Versa Networks has been positioned in the highest ranked three vendors for all five Use Cases in the 2023 Gartner® Critical Capabilities for SD-WAN Report.