Security Improvements to CSP Registration Process
cancel
Showing results for 
Search instead for 
Did you mean: 
L3 Networker
Did you find this article helpful? Yes No
No ratings

Palo Alto Networks introduced new features in our Customer Support Portal (CSP) that address security concerns related to support.paloaltonetworks.com. A security researcher informed us that it was possible to brute-force our user registration process and potentially register an unauthorized individual support account linked to a customer. 

 

Customers who enabled the requirement of “super-user approvalon their support accounts would have been notified of attempts to create new accounts linked to their respective CSP account. However, we are aware that not all customers have adopted this setting.

 

Therefore, to mitigate potential brute-forcing, we have added a captcha feature that requires input from the user during the registration process on the CSP.

 

 Picture1.png

 

As an additional security measure, we’ve made the “super-user approval” requirement the default setting within the CSP. We suggest that all customers keep this requirement as the default setting, so they are notified when a new account is created within their CSP account.

 

Picture2.png

 

Should you have any questions about this advisory, please contact Palo Alto Networks Support Team at support.paloaltonetworks.com.

 

Thank you,

Palo Alto Networks Product Security Incident Response Team

Rate this article:
(1)
Register or Sign-in
Article Dashboard
Version history
Last update:
‎11-01-2019 10:18 AM
Updated by:
Retired Member
Contributors