{"id":4372,"date":"2025-08-13T17:35:30","date_gmt":"2025-08-13T17:35:30","guid":{"rendered":"https:\/\/cybersecurityinfocus.com\/?p=4372"},"modified":"2025-08-13T17:35:30","modified_gmt":"2025-08-13T17:35:30","slug":"def-con-research-takes-aim-at-ztna-calls-it-a-bust","status":"publish","type":"post","link":"https:\/\/cybersecurityinfocus.com\/?p=4372","title":{"rendered":"DEF CON research takes aim at ZTNA, calls it a bust"},"content":{"rendered":"<div>\n<div class=\"grid grid--cols-10@md grid--cols-8@lg article-column\">\n<div class=\"col-12 col-10@md col-6@lg col-start-3@lg\">\n<div class=\"article-column__content\">\n<div class=\"container\"><\/div>\n<p>Zero Trust Network Access (ZTNA) has been promoted by vendors over the last several years as a foundational approach for network security. The basic premise is to never trust and always verify.<\/p>\n<p>While the core ideas behind ZTNA are valid, this multi-billion dollar market faced a brutal assessment at\u00a0<a href=\"https:\/\/defcon.org\/\">DEF CON 2025<\/a>\u00a0when UK security researchers from\u00a0<a href=\"https:\/\/www.amberwolf.com\/\">AmberWolf<\/a>\u00a0demonstrated severe vulnerabilities across three major ZTNA vendors.<\/p>\n<p>The research team found complete authentication bypasses in all tested platforms. Check Point\u2019s Harmony SASE contained hard-coded encryption keys that exposed customer data through diagnostic logs. Zscaler\u2019s SAML implementation failed to validate signatures, allowing attackers to forge authentication tokens. Netskope suffered from cross-tenant vulnerabilities that let attackers compromise any organization using leaked enrollment tokens.<\/p>\n<p><a href=\"https:\/\/www.networkworld.com\/article\/4039042\/def-con-research-takes-aim-at-ztna-calls-it-a-bust.html\">Continue reading on Network World.<\/a><\/p>\n<\/div>\n<\/div>\n<\/div>\n<\/div>","protected":false},"excerpt":{"rendered":"<p>Zero Trust Network Access (ZTNA) has been promoted by vendors over the last several years as a foundational approach for network security. The basic premise is to never trust and always verify. While the core ideas behind ZTNA are valid, this multi-billion dollar market faced a brutal assessment at\u00a0DEF CON 2025\u00a0when UK security researchers from\u00a0AmberWolf\u00a0demonstrated [&hellip;]<\/p>\n","protected":false},"author":0,"featured_media":4373,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3],"tags":[],"class_list":["post-4372","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-education"],"_links":{"self":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/4372"}],"collection":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"replies":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=4372"}],"version-history":[{"count":0,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/posts\/4372\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=\/wp\/v2\/media\/4373"}],"wp:attachment":[{"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=4372"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=4372"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybersecurityinfocus.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=4372"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}