WatchGuard’s Product Security Incident Response Team (PSIRT) has launched our public PSIRT page to provide a consolidated resource where network administrators can find advisories and information about security vulnerabilities in WatchGuard products, as well as WatchGuard’s investigations into industry-wide security issues that may impact our products or services.
Our PSIRT page also provides information for security researchers who want to responsibly report vulnerabilities they’ve discovered. It will outline policies around reporting, including a “Safe Harbor” clause that protects users from potential legal action stemming from the report and/or research into the vulnerability, and explain how to report a vulnerability.
Our goal is to help administrators identify important security issues that may impact their WatchGuard products and provide guidance on mitigation strategies and potential workarounds. We will publish advisories for issues that fall into three main categories:
- The first is flaws that we find in the Firebox and other WatchGuard products that warrant immediate action. We will share details about the vulnerability (without providing information that might be useful to attackers), including its severity and mitigating factors, to help administrators quickly understand its potential impact. These advisories will include specific steps, either software upgrades or configuration changes, that administrators can take to mitigate the vulnerability.
- Secondly, we list major, industry-wide vulnerabilities (for example, Log4Shell) whose effects on our products customers or partners may be questioning. This category of advisory provides MSPs and customers with that information without their needing to request it.
- Lastly, the page will include advisories for most WatchGuard product vulnerabilities found by outside researchers. We appreciate the hard work of external researchers who work with us through the responsible disclosure process. We strive to give credit wherever possible while providing customers with the most complete picture possible of the vulnerability and its impact.
The page is also designed to simplify compliance. When administrators conduct audits or vulnerability scans, they will be alerted to relevant CVEs and associated upgrades or fixes they should implement. Additionally, the page provides CVSS scores that detail the severity of vulnerabilities, which can help teams with prioritization in a sea of alerts.
This new page reflects our commitment to enabling our MSPs, partners and customers to stay one step ahead of threat actors in an increasingly complex cybersecurity environment. Over time, WatchGuard will add new information and capabilities to our PSIRT page to keep current with industry best practices and to further streamline the tracking and reporting of vulnerabilities. As always, customers and partners can mitigate risk by ensuring that they upgrade to the latest firmware and apply patches as they become available.