Folks, with the #F5 boxes, I tried to tell you all, you’ve got to get the network security devices out of your networks, stat. They are all inherently vulnerable. In the past I would have said, well put a WAF in front of it, but now I just think that these are all ticking time bombs and you need to redesign your network to not have hardware that constantly needs to be patched and possibly has backdoors implanted that can’t be monitored and probably has bad actors running loose who are pwning all your stuff right now as we speak. I can’t even keep my gist library of all the discovered vulnerabilities in various manufacturers’ network devices properly updated. I gave a talk about this subject earlier this year and an entire room of network security guys was nodding along with me. So everyone knows the jig is up and it’s time to throw the inherently vulnerable F5 and Fortinet and Citrix boxes into the metal recycling heap. #InfoSec
#F5BigIp
https://gist.github.com/suzannealdrich/cf7723ef4524304242a5266738537112