Identify and Protect IoT Devices Vulnerable to Ripple20

What you Need to Know About Ripple20: a Conversation With Shlomi Oberman from Jsof

According to Gartner, “over 80% of organizations currently use IoT to solve business use cases, and almost 20% of organizations have already detected an IoT-based attack in the past three years.”1 By now, you’ve heard about Ripple20 – the collective group of vulnerabilities in a widely used Transmission Control Protocol/Internet Protocol (TCP/IP) software library developed by Treck Inc., and discovered by a team at JSOF.

JSOF partnered with Forescout Research Labs to use Forescout’s Device Cloud, a unique data lake with information from more than 12 million devices categorized in more than 150 device types, to identify potentially impacted vendors and devices. Tens of millions of devices across over 50 vendors may be affected, exposing a complex supply chain for IoT devices. Additionally, threat actors could execute remote commands against devices connected to the internet, compromise them and move laterally within the network to access or infect other devices.

How do security teams respond swiftly to identify and mitigate these vulnerable devices?

Join us for a lively conversation with Shlomi Oberman (JSOF) and Daniel dos Santos (Forescout) as they explain:

  • What really is Ripple20? – a deep dive into discovered vulnerabilities
  • The impact on the supply chain and the impacted vendors
  • How to mitigate the risks – even in environments where these devices cannot be patched
  • What vendors and security teams must do next to limit their exposure


1 Gartner – IoT Security Primer: Challenges and Emerging Practices, 6 January 2020

Watch Webinar

New Ripple20 Resourcees

Blog Icon   Blog

Identifying and Protecting Devices Vulnerable to Ripple20

Read More
FAQ Icon   FAQ

Ripple20 Vulnerabilities

Read More
Video Icon   Video

How to: Detect and Segment Ripple20 Vulnerable devices with eyeSight

Blog Icon   Blog

The IoT Supply Chain Risk: Why Everyone Should Pay Attention to Ripple20 Vulnerabilities

Read More

Interested in Talking to a Cybersecurity Expert About how Forescout can Help Mitigate the Risk of Ripple20 Vulnerabilities?

Contact Us