Software-defined networking in a wide area network (SD-WAN) quickly becomes very popular in Enterprises. Vendors promise "on-the-fly agility, simplicity, security and automation" and many other benefits. What do you know about SD-WAN? What "security" means from a hands-on perspective? Are present SD-WAN products really secure?
The goal of this project is to give answers to these questions by exploring implementation security of real SD-WAN solutions from a practical point of view.
- SD-WAN Internet Census (preprint)
- SD-WAN Threat Landscape (preprint)
- Practical Security Assessment of SD-WAN Implementations
- SD-WAN Security: A Product Liability Insurance Law Would Certainly Help
- SD-WAN TLS Scanning (draft)
- Malicious Portal Can Access REST API on EdgeConnect
- Malicious or Untrusted Orchestrator Can Access REST API on EdgeConnect
- SilverPeak’s IPsec UDP protocol implementation fails to provide forward secrecy
- Silverpeak EdgeConnect Multiple Vulnerabilities
- SD-WAN Secure Communication Designs and Vulnerabilities. DeepSec 2019
- One Framework to Rule Them All: A framework for Internet-connected Device Census. OFFZONE 2019
- A dive in to SD-WAN Insecure Designs and Vulnerabilities. SecurityFest 2019
- SD-WAN New Hope. PHDays 2019
- SD-WAN Secure Communications. Yandex OSN Meetup 2019
- SD-WAN: Yet Another Way to Unsafe Internet. InsomniHack 2019
- SD-WAN Internet Census. Zero Nights 2018
- "WebGoat.SDWAN.Net" in Depth. Power of Community 2018
- Practical Threat Modeling for SD-WAN. Area 41 2018
- Too Soft[ware Defined] Networks: SD-WAN Vulnerability Assessment. Black Hat USA 2018