OnDemand Special Offer - iPad Air w/ Smart Keyboard, Surface Go, or $300 Off!

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

What you Need To Know About The Critical Citrix Gateway (Netscaler) Vulnerability CVE-2019-19781

  • Tuesday, December 31, 2019 at 1:00 PM EST (2019-12-31 18:00:00 UTC)
  • Jason Lam, Johannes Ullrich

You can now attend the webcast using your mobile device!

  

Overview

Citrix published a critical security bulletin advising users of its Application Delivery Controller (ADC) and Gateway devices of an easily exploited remote code authentication vulnerability. Many organizations are relying on these devices as load balancers, to control access to APIs and to terminate SSL VPNs. An attacker may use this vulnerability to execute code on the device, compromising a critical perimeter security component. In this webcast, you will learn how to protect yourself from this vulnerability and how to detect possible exploit attempts. We will show how attackers find vulnerable devices and discuss if any exploits have already been detected in the wild.

Why is this important:

  • The vulnerability allows unauthenticated, remote code execution on a critical perimeter security device
  • It is estimated that 80,000 organizations are affected
  • Citrix released a bulletin with a fix 2 weeks ago, but the impact of the vulnerability wasn't apparent until earlier this week.

Speaker Bios

Jason Lam

Jason is accountable for cyber security at a large global financial company. He has over 15 years of experience in the information security industry progressing from hands-on research work to securing large-scale enterprise environments. His recent SANS Institute courseware development includes Defending Web Application Security Essentials and Web Application Pen Testing Hands-On Immersion.Jason started out as a programmer before moving on to an ISP as a network administrator. Handling security incidents for this ISP sparked his interest in information security. Over the years, Jason has performed and led intrusion detection, penetration testing, defense improvement programs and incident response in large enterprise environments. Recently, Jason specializes in building large-scale security operations teams to handle the full cycle of threat identification, response and remediation, in parallel with his passion for directing enterprise web application security programs.


Johannes Ullrich

Johannes Ullrich, dean of research at the SANS Technology Institute, is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. His research interests include IPv6, network traffic analysis and secure software development. In 2004, Network World named Johannes one of the 50 most powerful people in the networking industry, and SC Magazine named him one of the top five influential IT security thinkers for 2005. Prior to working for SANS, Johannes served as a lead support engineer for a web development company and as a research physicist.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.