article Security Improvements to CSP Registration Process in PSIRT Articles

article Security Improvements to CSP Registration Process in PSIRT Articles https://live.paloaltonetworks.com/t5/psirt-articles/security-improvements-to-csp-registration-process/ta-p/239342 <P>Palo Alto Networks introduced new features in our Customer Support Portal (CSP) that address security concerns related to support.paloaltonetworks.com. A security researcher informed us that it was possible to brute-force our user registration process and potentially register an unauthorized individual support account linked to a customer.<SPAN>  </SPAN></P> <P> </P> <P>Customers who enabled the requirement of “super-user approval<EM>”</EM>on their support accounts would have been notified of attempts to create new accounts linked to their respective CSP account.<SPAN> </SPAN>However, we are aware that not all customers have adopted this setting.</P> <P> </P> <P>Therefore, to mitigate potential brute-forcing, we have added a captcha feature that requires input from the user during the registration process on the CSP.</P> <P> </P> <P> <span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Picture1.png" style="width: 337px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/17512i96720993872DAF21/image-size/large/is-moderation-mode/true?v=v2&px=999" role="button" title="Picture1.png" alt="Picture1.png" /></span></P> <P> </P> <P>As an additional security measure, we’ve made the “super-user approval” requirement the default setting within the CSP. We suggest that all customers keep this requirement as the default setting, so they are notified when a new account is created within their CSP account.</P> <P> </P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Picture2.png" style="width: 800px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/17514i266373EC857DCF63/image-size/large/is-moderation-mode/true?v=v2&px=999" role="button" title="Picture2.png" alt="Picture2.png" /></span></P> <P> </P> <P>Should you have any questions about this advisory, please contact Palo Alto Networks Support Team at support.paloaltonetworks.com.</P> <P> </P> <P>Thank you,</P> <P>Palo Alto Networks Product Security Incident Response Team</P> Fri, 01 Nov 2019 17:18:19 GMT srichardson 2019-11-01T17:18:19Z Security Improvements to CSP Registration Process https://live.paloaltonetworks.com/t5/psirt-articles/security-improvements-to-csp-registration-process/ta-p/239342 <P><SPAN>Palo Alto Networks introduced new features in our Customer Support Portal (CSP) that address security concerns related to support.paloaltonetworks.com.</SPAN></P> Fri, 01 Nov 2019 17:18:19 GMT https://live.paloaltonetworks.com/t5/psirt-articles/security-improvements-to-csp-registration-process/ta-p/239342 srichardson 2019-11-01T17:18:19Z