Finding and mitigating the risk of vulnerabilities in BGP implementations

Presented by

Daniel dos Santos, Head of Security Research, Vedere Labs

About this talk

Forescout Vedere Labs recently disclosed three new vulnerabilities on a popular Border Gateway Protocol (BGP) open-source implementation. These vulnerabilities highlight message parsing as an often-overlooked aspect of BGP security and they could be exploited to achieve a denial of service on vulnerable peers, thus dropping all sessions and routing tables. Recent BGP incidents show that it might take only a malformed packet to cause potentially large disruptions since software suites implementing BGP are used by major networking vendors and found in ISPs and large data centers. Therefore, organizations should not rely only on their ISPs to handle BGP security. This research shows that modern BGP implementations still have low-hanging fruits that attackers can abuse. Learn how we found the three new vulnerabilities, what their risk is, and what to do to mitigate these risks. Speaker: Daniel dos Santos, Head of Security Research at Vedere Labs
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (73)
Subscribers (4551)
Your organization has become an Enterprise of Things (EoT). PCs, mobile devices, cloud workloads and other traditional IT systems. Agentless IoT and OT devices. Device diversity is thriving at the cost of security as your users connect from all over the map – literally. Every thing that touches your enterprise network exposes you to potential risk. You must see it and secure it. Get to know Forescout. Learn more about our products, hear about new cyber security trends and see how Forescout helps you address these. We offer the only solution that actively defends the Enterprise of Things at scale. Register for our webinars or visit our website for more information: Webinar languages include English, German, French, Italian and Spanish.