Posts tagged ‘Security’

Intelligent Edge Jun 4, 2026

Resiliency Is the New SLA: Why AI Demands an Always-On Intelligent Edge 

For decades, we’ve measured the network in terms of uptime percentages and bandwidth tiers. In the AI era, those metrics are no longer enough. Resiliency, which is the ability to deliver uninterrupted, any-directional, application-aware connectivity in the face of unpredictable AI workloads, is the new SLA. 

Read More
Industry Insights May 13, 2026

CVE-2026-41940: Inside the cPanel/WHM Authentication Bypass

Introduction Hosting control panels operate with near-total authority over a server: websites, databases, DNS, email, and the account lifecycle are all driven from one place. That privilege makes them a high-value target—when a control-plane bug appears, compromise can extend far beyond a single site. CVE-2026-41940 is a pre-authentication bypass affecting WebPros cPanel & WHM (WebHost Manager) and WP2 (WordPress Squared). In practical terms, it lets a remote, unauthenticated attacker reach administrator-level control without supplying valid credentials. Background: What Is cPanel/WHM? cPanel is a widely deployed, Linux-based hosting panel. WHM is the higher-privileged layer used by resellers and server administrators to…

Read More
Industry Insights May 12, 2026

Compliance: Mapping the Coast Guard’s MTSA Cyber Rule to VersaONE

Here is how Versa Unified SASE platform translates 33 CFR Part 101, Subpart F into controls for compliance.

Read More
Industry Insights May 11, 2026

The Ghost in the Leased Line: Unmasking MuddyWater, Surgical Cyber Arm

In the high-stakes theater of global geopolitics, the most effective weapons aren’t always missiles; sometimes, they are just few lines of code.

Read More
Company Updates May 6, 2026

Closing the Cloud Security Posture Management Gap with Versa CSPM

Today’s environments span multi-cloud infrastructure, SaaS ecosystems, remote endpoints, and an increasing layer of AI-driven applications and integrations. This expansion has introduced a new class of challenges—not just scale, but visibility. 

Read More
Industry Insights Apr 2, 2026

Identity Is the New Perimeter. Stryker Just Taught Us That the Hard Way.

A story on how an Iran-linked group wiped tens of thousands of Stryker’s devices A nation-state attack that changes every assumption we had For years, we have treated nation-state threats as a “Tier 1” problem — something reserved for defense contractors and the energy grid. The March 2026 attack on Stryker Corporation by Iran-linked group Handala officially kills that assumption. On March 11, 2026, Stryker’s corporate Microsoft environment was hit. Employees arrived to find their managed devices wiped out overnight through entirely legitimate Intune commands. Handala claimed 200,000+ systems affected; independent reporting confirms that tens of thousands were impacted. Stryker’s…

Read More
Company Updates Mar 20, 2026

Automating Branch-to-Cloud Connectivity and Security: Versa Secure SD-WAN Integration with Zscaler Internet Access 

We’re excited to introduce an automated integration between Versa Secure SD-WAN and Zscaler that makes dual-vendor SASE faster, secure and resilient. This integration helps you secure local internet breakout, improve user experience and simplify operations 

Read More
Industry Insights Mar 19, 2026

Why Identity Alone Isn’t Enough: Device Posture in Contextual Zero Trust Security

Identity-based access is incomplete without device posture. Learn how contextual Zero Trust and continuous endpoint profiling reduce standing privilege risk in Dynamic Enterprises.

Read More
Research Lab Feb 5, 2026

BrickStorm Malware: Anatomy of a Stealth Linux Backdoor Targeting Modern Infrastructure

BrickStorm is a highly stealthy Linux backdoor designed for long-term, targeted cyber-espionage. Brickstorm is closely associated with Cyber Espionage group UNC5221, which is known for exploiting zero-days vulnerability in network edge appliances like Ivanti, F5 and MiTRE breach. Unlike commodity malware, BrickStorm is deployed post-compromise, operates largely in memory, and uses a modular architecture with custom encrypted command-and-control (C2). Its focus on Linux servers, network appliances, and embedded systems reflects a broader trend: attackers increasingly target infrastructure layers where visibility and detection are weakest.

Read More
Company Updates Jan 30, 2026

‘Secure by Design’ at Versa: One Year of Progress 

Security is a product decision, not an afterthought. As a further commitment to this principle and as a reflection of our pledge to the CISA Secure by Design goals, over the past year Versa has been putting them into practice across our platform, processes, and programs. Organized below around the seven Secure by Design pledge goals is a summary of the related new capabilities and enhancements we’ve delivered, along with a quick explanation of the importance of the changes.  

Read More

FIN7 — the New Avatar

Winny Thomas
By Winny Thomas
Principal Security Architect
November 2, 2017

Fin7 is a cybercrime group that employs spear phishing attacks to deliver malware that uses fileless malware techniques, sophisticated evasions and persistence. They mostly target the financial sector. In this blog, we are going to take a high-level look at one such sample seen in the wild, which employs several layers of obfuscated JScript, powershell and DLL embedded within a Microsoft Word document. The sample analyzed has the MD5 hash 29a3666cee0762fcd731fa663ebc0011. Through a series of deeply embedded base64 encoded scripts, obfuscated code and use of powershell, this strain achieves stealth and evasion. The document arrives as an email attachment in…

SD-WAN: The Right Treatment for Managing Growth in the Healthcare Sector

The Versa Team
By The Versa Team
Universal SASE leaders
October 30, 2017

Healthy growth is something every company strives for. As with human development, the rate of growth can impact a business’s well-being: Grow too slowly, and the business can become stagnant or obsolete. Grow too quickly, and the business will experience growing pains that could threaten its overall health. In every sector, managing growth effectively can ensure longevity for the business. In the healthcare space, however, it can mean the difference between life and death—for the business and its customers. As a medical practice or healthcare facility expands, either organically or through acquisition, is its existing network capable of handling the…

Apache Tomcat Remote Code Execution Vulnerability (CVE-2017-12617)

The Versa Team
By The Versa Team
Universal SASE leaders
October 18, 2017

Several Security Vulnerability have been patched in recently in Apache Tomcat. The list of fixed flaws recently addressed also included code execution vulnerabilities. Apache Tomcat is the most widely used web application server, with over one million downloads per month and over 70% penetration in the enterprise datacenter. The Apache Tomcat development team publicly disclosed the presence of a remote code execution vulnerability, tracked as CVE-2017-12617, affecting the popular web application server. The Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 are affected. The vulnerability is classified as “important” severity, has been…

Financial Services, Powered by SD-WAN

The Versa Team
By The Versa Team
Universal SASE leaders
October 12, 2017

Banks and financial institutions are more technology-reliant than ever before as they seek to be more customer-centric in their offerings. As such, the branch plays a major role in their quest for customer service excellence, giving customers a place to conduct transactions, receive personalized attention from bank reps and take advantage of next-generation technologies such as video how-to’s or chatbots to further enhance their banking experience. Some banks have taken customer-centricity one step further, opening their branches to act as neighborhood community centers or gathering places for organizations. Some bank branches make their videoconferencing systems available for customers to use,…

Apache: Failed to Harden in 2017

The Versa Team
By The Versa Team
Universal SASE leaders
October 10, 2017

Apache’s gaps has been in news for quite a while, and this has led to the massive milestone of Equifax being compromised to the tune of 143 million records. This has been a difficult year for Apache, with so many vulnerabilities being reported. Refer to the link for a list of Apache vulnerabilities reported in 2017.  Though previous years also accounted for large chunks of Apache vulnerability, this year it has been in news for two particular vulnerabilities, CVE-2017-5638 (which led to the compromise of user data through the Equifax breach) and CVE-2017-9805 (due to the fact that the public…

How Service Providers Can Leverage Software-Defined Security (SD-Security)

The Versa Team
By The Versa Team
Universal SASE leaders
February 16, 2017

In our last post, we talked about the benefits of network function virtualization (NFV) for managed service providers. Taking a step further, we’ll now examine how providers that deploy NFV can further benefit from this rapidly growing industry trend of evolving previously hardware-centric networks by leveraging security technologies into software-based services. A core element of NFV is the virtualized network function (VNF), which is a software-based or virtualized version of a specific function such as a next-generation firewall (NGFW). Employing VNFs goes far beyond just converting from point hardware to virtualized software instances such as an NGFW. VNFs, which are…

Versa Software-Defined Security (SD-Security) Gains Momentum; Takes Home TMC’s Cloud Computing Security Excellence Award

Sunil Ravi
By Sunil Ravi
Chief Security Architect, Versa Networks
October 26, 2016

In February, Versa announced major feature and performance enhancements to the software-defined security (SD-Security) used in its branch security offering. The enhanced SD-Security enables service providers and large enterprise IT teams to deliver a wide range of layered security services for branch offices, including advanced functions such as domain name system (DNS) security and secure web gateways (SWG), coupled with full multi-tenancy. Analysts Understand the Need for SD-Security According to industry analysts, branch offices are increasingly becoming a targeted point of entry into corporate networks, with attack volume growing more than 500 percent over the last three years. Gartner’s 2012…

Securing the Branch Network with SD-Security and NFV

The Versa Team
By The Versa Team
Universal SASE leaders
February 23, 2016

Industry analysts have noted that branch offices are increasingly becoming a targeted point of entry into corporate networks, with attack volume growing more than 500 percent over the last three years. This is due in large part to three major trends/issues: the increasing adoption of cloud- vs. data center-hosted apps, the adding of Internet circuits as additional (and lower cost) connectivity for branch offices, and the largely unchanged and static architecture of branch office networks. The latter point is compounded by the need to deploy a multitude of siloed security appliances and/or software packages to enforce any kind of defense-in-depth…


Recent Posts













Gartner Research Report

2025 Gartner® Magic Quadrant™ for SASE Platforms

Versa has for the third consecutive year been recognized in the Gartner Magic Quadrant for SASE Platforms and is one of 11 vendors included in this year's report.