Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore critical security vulnerabilities in modern Zero Trust Network Access (ZTNA) and Secure Access Service Edge (SASE) solutions through this 39-minute DEF CON 33 conference talk. Discover how leading cloud-based VPN alternatives from major vendors like ZScaler, Netskope, and Check Point inherit legacy VPN weaknesses while introducing new cloud-specific attack surfaces. Learn detailed methodologies for conducting external reconnaissance against ZTNA platforms, bypassing authentication mechanisms, and circumventing device posture checks through hardware ID spoofing techniques. Examine how attackers can exploit insecure inter-process communication between ZTNA client components to achieve local privilege escalation and circumvent traffic steering controls to access blocked content. Understand the process of exploiting authentication flow vulnerabilities to undermine device trust models and discover how malicious ZTNA servers can be deployed to execute code on connecting clients. Gain insights into previously undisclosed vulnerabilities identified during the researchers' investigation, demonstrating that zero trust architectures do not eliminate security risks but rather transform the threat landscape in ways that organizations must understand and address.
