The concept of software-defined wide area network (SD-WAN or SDWAN) is central to modern computer networking, particularly in enterprise networks. By definition, these systems form network perimeter and connect Internet, WAN, extranet, and branches, which makes them crucial from a cybersecurity point of view. The goal of this talk is to provide the results of passive and active fingerprinting for SD-WAN systems using a common threat intelligence approach. We explore Internet-based and cloud-based publicly available SD-WAN systems using the well-known «Shodan» and «Censys» search engines and custom developed automation tools and show that most of the SD-WAN systems have known vulnerabilities related to outdated software and insecure configuration.
SD-WAN Internet Census
November 21, 12:15|30min|hall Mir
Anton Nikolaev is a security researcher at VDOM Research, student at Tomsk State University, and member of the SiBears CTF team.
Denis Kolegov is a security researcher and an associated professor in computer security at Tomsk State University. His research focuses on network security, web application security, access control, and covert communications. Prior to this, Denis was the Application Firewall team lead at Positive Technologies. He holds a PhD and associated professor degree in computer security. Denis has presented at different international security conferences including Area41, Zero Nights, Positive Hack Days, and SibeCrypt.
Oleg Broslavsky is a security enthusiast, PhD student at Tomsk State University, and member of the SiBears CTF team. He has given talks about aspects of web security and post-exploitation techniques at some practical security conferences (Positive Hack Days, ZeroNights), developer conferences (HighLoad++) and even academical ones (SibeCrypt).