What You Need to Know about Ripple20

Presented by

Shlomi Oberman, CEO & Researcher, JSOF & Daniel dos Santos, Security Researcher, Forescout Technologies

About this talk

A Conversation with Shlomi Oberman from JSOF According to Gartner, “over 80% of organizations currently use IoT to solve business use cases, and almost 20% of organizations have already detected an IoT-based attack in the past three years.” By now, you’ve heard about Ripple20 – the collective group of vulnerabilities in a widely used Transmission Control Protocol/Internet Protocol (TCP/IP) software library developed by Treck Inc., and discovered by a team at JSOF. JSOF partnered with Forescout Research Labs to use Forescout’s Device Cloud, a unique data lake with information from more than 12 million devices categorized in more than 150 device types, to identify potentially impacted vendors and devices. Tens of millions of devices across over 50 vendors may be affected, exposing a complex supply chain for IoT devices. Additionally, threat actors could execute remote commands against devices connected to the internet, compromise them and move laterally within the network to access or infect other devices. How do security teams respond swiftly to identify and mitigate these vulnerable devices? Join us for a lively conversation with Shlomi Oberman (JSOF) and Daniel dos Santos (Forescout) as they explain: • What really is Ripple20? – a deep dive into discovered vulnerabilities • The impact on the supply chain and the impacted vendors • How to mitigate the risks – even in environments where these devices cannot be patched • What vendors and security teams must do next to limit their exposure

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (149)
Subscribers (16274)
Forescout Technologies is the leader in device visibility and control. Our unified security platform enables enterprises and government agencies to gain complete situational awareness of their extended enterprise environments and orchestrate actions to reduce cyber and operational risk. Learn more about our products, hear about new cybersecurity trends and see how Forescout helps you address these.