Headlines like “Netgear Router Hacked on First Day of Pwn2Own” in a hacking competition make people feel excited or agitated, depending on which side you are on. In a similar vein, when we present “RidgeBot” – our automated ethical hacking system – to customers, a frequent question asked of us is: “can RidgeBot crack the firewall or network device?”
Even though, in a bug bounty program, network devices such as Firewalls, Routers are often set as the targets, in reality, a real hacker would not operate that way. Why? Firewalls and routers are the most critical devices in an Enterprise network; there are dedicated network teams that monitor these devices 24*7. Any change or anomalous behavior is immediately alerted.
Consider a burglar. They don’t trigger an alarm at the door before they even reach the most valuable assets inside a house.
Therefore, the right question to ask is: can your ethical hacking tool bypass the Firewall?
It’s true that we often read about vulnerabilities in the network devices of vendors such as Cisco, F5, or NETGEAR. The truth of the matter is that many of these vulnerabilities can be exploited. However, aiming to compromise the firewall and breaking into Enterprise networks by changing security policies are not very realistic or practical, unless the hacker’s sole purpose is to damage the target network without worrying about being caught.
Firewalls and network devices are critical infrastructure to be protected and monitored from that perspective, but they are usually not the targets for a hacker for commercial purposes.
This is where RidgeBot adds value. It has built-in plugins (payload scripts) for testing the security and resiliency of network devices. But more practically, RidgeBot will focus on validating the vulnerabilities and risks of critical servers or websites rather than Firewalls or Routers in a network infrastructure. To maximize security testing, we recommend that customers deploy RidgeBot inside of their Enterprise network with the assumption that the hacker already has bypassed the network device through methods such as phishing or credential attacks. Ridgebot can then unleash its automated ethical hacking of the infrastructure, relentlessly identifying and documenting exploits. Alternatively, if RidgeBot has to be deployed externally, it can be whitelisted within the Firewall policies, to carry out the same ethical hacking process.
Learn more about how RidgeBot delivers higher precision and more discoveries here.