Security Improvements to CSP Registration Process


Palo Alto Networks introduced new features in our Customer Support Portal (CSP) that address security concerns related to support.paloaltonetworks.com. A security researcher informed us that it was possible to brute-force our user registration process and potentially register an unauthorized individual support account linked to a customer. 

 

Customers who enabled the “super-user approval” requirement on their support accounts would have been notified of attempts to create new accounts linked to their respective CSP account. However, we are aware that not all customers have adopted this setting.

 

Therefore, to mitigate potential brute-forcing, we have added a captcha feature that requires input from the user during the registration process on the CSP.

 


 

As an additional security measure, we’ve made the “super-user approval” requirement the default setting within the CSP. We suggest that all customers keep this requirement as the default setting, so they are notified when a new account is created within their CSP account.

 


 

Should you have any questions about this advisory, please contact the Palo Alto Networks Support Team at support.paloaltonetworks.com.

 

Thank you,

Palo Alto Networks Product Security Incident Response Team

Last Updated: 11-01-2019 10:18 AM
Updated by: Retired Member