SD-WAN Internet Census
This addresses cybersecurity risks for enterprise networks by exposing vulnerabilities in SD-WAN systems, though it is incremental as it applies existing methods to a specific domain.
The paper tackled the problem of identifying security vulnerabilities in publicly accessible SD-WAN systems by conducting passive and active fingerprinting using tools like Shodan and Censys, and found that most systems had known vulnerabilities due to outdated software and insecure configurations.
The concept of software defined wide area network (SD-WAN or SDWAN) is central to modern computer networking, particularly in enterprise networks. By definition, these systems form network perimeter and connect Internet, WAN, extranet, and branches that makes them crucial from cybersecurity point of view. The goal of this paper is to provide the results of passive and active fingerprinting for SD-WAN systems using a common threat intelligence approach. We explore Internet-based and cloud-based publicly available SD-WAN systems using well-known Shodan and Censys search engines and custom developed automation tools and show that most of the SD-WAN systems have known vulnerabilities related to outdated software and insecure configuration.