enterprisesecuritymag

Free Enterprise Security Software Offers Continuous Protection from F5 Vulnerability

By Enterprise Security Magazine | Tuesday, July 28, 2020

F5-Protect software continuously identifies system compromises resulting from the F5 critical security flaw.     

FREMONT, CA: A pioneering encryption visibility and digital certificate analytics for cloud and on-premises, HelmCyber, announces the general availability of F5-Protect software to instantly and continuously identify indicators of the compromise resulting from the F5 Big-IP vulnerability. This no-cost enterprise security software operates non-intrusively as a self-contained virtual appliance.

F5-Protect is tailored to pinpoint all systems behaving abnormally as a result of the F5 Big-IP TMUI vulnerability (CVE-2020-5902). This potential is extremely useful and time saving for incident response and to identify when malicious actors have returned to exploit previously compromised systems. It uses intelligent monitoring to identify when either internal or external connections indicate an attack in progress. F5-Protect also makes no assumptions about the nature of the attack, but it detects solely based on the resulting information, which cannot be hidden. If customers opt to upgrade, they can gain visibility into their Digital Certificate information, which is also at risk with the F5 vulnerability. A seamless upgrade offers further indictors of compromise with internal or external digital certificates.

The F5 vulnerability allows attackers with network access to the BIG-IP Configuration utility, via the F5 management port or through self IPs, to execute system commands potentially resulting in complete system compromise. HelmCyber developed the F5-Protect enterprise software as a free subscription version of the company's encryption visibility and digital certificate analytics platform. The feature in this free version is aimed specifically to the F5 TMUI vulnerability. The critical flaw is natural to exploit with a simple browser URL and could lead to complete system compromise. CISOs are rightfully concerned that once they've patched their F5 Big-IP systems that they may still be at risk if their systems had already been compromised.

Weekly Brief