Software-defined networking in a wide area network (SD-WAN) quickly becomes very popular in Enterprises. Vendors promise "on-the-fly agility, simplicity, security and automation" and many other benefits. What do you know about SD-WAN? What the "security" means from a hands-on perspective? Are present SD-WAN products really secure? The goal of this project is to give answers on these questions by exploring security of SD-WAN solutions from a practical point of view.
- Citrix SD-WAN Center Security Findings
- Citrix NetScaler SD-WAN Security Findings
- Silverpeak EdgeConnect Multiple Vulnerabilities
- Riverbed SteelConnect Vulnerabilities
- Viprinet Virtual VPN Hub Stored XSS
- One Framework to Rule Them All: A framework for Internet-connected Device Census. OFFZONE 2019
- A dive in to SD-WAN Insecure Designs and Vulnerabilities. SecurityFest 2019
- SD-WAN New Hope. PHDays 2019
- SD-WAN Secure Communications. Yandex OSN Meetup 2019
- SD-WAN: Yet Another Way to Unsafe Internet. InsomniHack 2019
- SD-WAN Internet Census. Zero Nights 2018
- "WebGoat.SDWAN.Net" in Depth. Power of Community 2018
- Practical Threat Modeling for SD-WAN. Area 41 2018
- Too Soft[ware Defined] Networks: SD-WAN Vulnerability Assessment. Black Hat USA 2018