The IT security software vendor, on Wednesday, patched four critical vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure Gateways, the company’s flagship VPN solutions, capable of allowing remote code execution (RCE) and denial of service (DoS) attacks on the affected systems.
Ivanti to undergo a security overhaul
According to the open letter, published along with a YouTube video by Abbott, Ivanti is planning a transformation of its security operating model which will include revamping core engineering, security, and vulnerability practices, ensuring “secure by design” methodologies for all products, partnering cyberdefence agencies, and ensuring transparent communication with customers and stakeholders.
“We are now executing a plan that accelerates security initiatives already underway and implements improved practices to anticipate, prevent, and protect against future threats,” Abbott added. “We have engaged the industry’s most recognized security and product development experts to support the Ivanti team’s review and to provide best-in-class execution guidance, ensuring we meet our commitment to you, so that your organization can work easily, securely, and with confidence.”