Citrix and FireEye have released a free tool that enables organizations to assess potential indications of compromise (IOCs) in their systems based on known attacks and exploits.
The Citrix-FireEye tool helps increase awareness regarding potential IOCs related to CVE-2019-19781, a security vulnerability that affects certain versions of Citrix Application Delivery Controller (ADC), Citrix Gateway and two older versions of Citrix SD-WAN WANOP, the companies said. Organizations can use the tool to identify potential IOCs and take appropriate steps to protect themselves against CVE-2019-19781 and other security vulnerabilities.
However, the Citrix-FireEye tool is not guaranteed to find all evidence of compromise or evidence of compromise related to CVE-2019-19781, the companies indicated. If potential IOCs are identified with the tool, Citrix and FireEye recommend that organizations perform a forensic examination of compromised systems to determine the scope and extent of the incident.
The Citrix-FireEye tool is now available in both the Citrix and FireEye GitHub (GIT) repositories.
FireEye Introduces New Services
The Citrix-FireEye tool announcement comes after FireEye launched Cloud Security Assessments and Cyber Defense Operations consulting services earlier this month. FireEye’s Cloud Security Assessments help organizations evaluate and improve their cloud security, and its Cyber Defense Operations consulting services help organizations bolster their security operations center (SOC) threat detection and response capabilities, according to the company.
FireEye also unveiled a Digital Threat Monitoring service at the company’s 2019 FireEye Cyber Defense Summit in Washington, D.C. Digital Threat Monitoring automatically collects and analyzes content on the dark and open web and notifies organizations any time a potential threat is detected, FireEye stated.
In addition, FireEye recently unveiled Purple Team and Continuous Purple Team Assessments for its Mandiant cybersecurity consulting services. Organizations can use these assessments to work with Mandiant incident response experts to evaluate their security programs against simulated attack scenarios, FireEye said.