stormshield.com/category/opinion-articles

The first vulnerability exploited in the attack is CVE-2021-26855, which describes a “Server Side Request Forgery” (SSRF) vulnerability and enables the attacker to send a forged HTTP request to authenticate themselves as an administrator on the Exchange server. Once the 26855 exploit has been used, the CVE-2021-26858 and CVE-2021-27065 vulnerabilities can be used to create an arbitrary file on the Exchange server. Stormshield offers enhanced infrastructure protection via its Stormshield Network Security (SNS) and Stormshield Endpoint Security (SES) solutions. Stormshield has developed the specific http:client:header:cookie.31 signature to detect the exploitation of the CVE-2021-26855 vulnerability and thus block the initial attack vector.

In the wake of 25 major cyberattacks carried out against French hospitals in 2020, the last two recent major attacks were responsible for prompting the French state to publicise its cybersecurity plan, which had been in preparation for several months, and to create a permanent observatory to monitor security levels in health establishments. This bolstering of digital security, at the behest of the French government, is based on several key goals: the development of innovative sovereign cybersecurity solutions and the strengthening of links between the various players, in order to increase France's international position in this sector and create an "ecosystem" that is better equipped to detect and counter attacks; on-demand support, to assist all the parties concerned in raising the profile of the issue, implementing awareness-raising actions and choosing French solutions; and lastly, training in cybersecurity professions, to promote and develop this sector, which has found it difficult to recruit suitable profiles. The objectives announced between now and 2025 include achieving a turnover of €25 billion for the sector, doubling the number of jobs (75,000), a 20% increase in patents via research and development actions, and the emergence of three French cybersecurity “unicorns”. These recent announcements herald a real opportunity for all players in the French cybersecurity industry who – despite their high level of expertise and willingness to innovate – are faced with international competitors with much higher R&D and marketing budgets, and are constrained by a lack of qualified resources.

Stormshield – the European leader for cybersecurity in critical infrastructure, sensitive data and operational environments – and LogPoint, a European leader in security information and event management solutions, are today announcing that they have formed technology partnership. This will provide them with better visibility into their networks and security infrastructures, thanks to: General or detailed dashboards that provide a quick overview of firewall status and events Multi-criteria searches through SNS logs, which improve the efficiency of search tasks and thereby strengthen infrastructure security Automatic or manual report creation, which provides a quick look at the effectiveness of the security in place and helps validate the investments made Alert generation and incident management, which improves the responsiveness and effectiveness of incident response Log storage, which ensures compliance with regulations on log retention. General or detailed dashboards that provide a quick overview of firewall status and events Multi-criteria searches through SNS logs, which improve the efficiency of search tasks and thereby strengthen infrastructure security Automatic or manual report creation, which provides a quick look at the effectiveness of the security in place and helps validate the investments made Alert generation and incident management, which improves the responsiveness and effectiveness of incident response Log storage, which ensures compliance with regulations on log retention. * Automatic or manual report creation, which provides a quick look at the effectiveness of the security in place and helps validate the investments made * Alert generation and incident management, which improves the responsiveness and effectiveness of incident response

Innovating to ensure access to the best talent Having successfully onboarded more than 86 employees during 2020 amid a difficult period from a health and economic perspective, Stormshield is once again demonstrating its ability to continue its growth and assume the role of strategic partner to its customers. This has taken such practical forms as the launch of a new applications management tool, new candidate sourcing approaches, and also the introduction of new onboarding processes that take account of current health constraints (e-inductions, e-cafés with management teams, etc.). Quickly training new employees for an easier onboarding process During this period marked both by widespread recruitment and by greater use of teleworking, Stormshield has launched a new initiative: Academies. Providing teams with a new working environment appropriate to the health situation Teleworking has been in operation on a wide scale at Stormshield for a number of years, but is now in universal operation across the teams, particularly on a full-time basis for in-demand profiles who do not live near a local office.