
ISACA Polyverse Case Study

By Alexander Gounares

One of our customers recently commissioned an independent study of Polyverse, and the results were published in the ISACA Journal. In the study, the penetration testers directly attacked the live, production website of Polyverse Corporation. This website is a traditional content-heavy site backed by a content-management system (CMS).

The study conclusively demonstrated the resilience of Polyverse's Moving Target Defense technology against web-application and remote-code-execution attacks. Among the report's conclusions:

“None of the attacks against the Polyverse production web site resulted in remote access, sensitive information disclosure or the ability to modify server-side information.”

“The pentester was unable to force the server to act in an unintended manner or disclose any sensitive information.”

“The frequency of the image replacement (every five seconds) reduces the window of opportunity to a duration that is, perhaps, too short for even an advanced attacker to succeed.”

“One might argue that, with enough time, an attacker might be able to find a vulnerability or another way to breach the site defenses. This scenario is possible; however, it gets the attacker only to level two. After Polyverse replaces the compromised image with a clean image, the progress made to that point is effectively undone.”
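The two quotes above describe the mechanism the report is crediting: the running image is thrown away and replaced from a clean copy every five seconds, so any artifact an attacker leaves on that image (a dropped web shell, an added cron entry) disappears at the next replacement, and a multi-step attack has to finish inside one rotation window. The Python model below is added here to illustrate that argument; it is not Polyverse's code and not taken from the ISACA paper. The attack chain, its timings and the file paths are constructed for the example, and the model assumes that everything the attacker drops lives only on the running image (an external data store such as the CMS database is outside the model).

```python
"""Discrete-event model of an attack chain against a server whose image is
replaced from a clean ("golden") copy every ROTATION_S seconds.

Added illustration, not Polyverse code. The chains, timestamps and paths
below are constructed for the example. Assumption: every artifact the
attacker writes lives only on the running image, so a rotation restores
the golden state exactly.
"""
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

ROTATION_S = 5.0  # replacement period quoted in the study

GOLDEN_IMAGE: Dict[str, str] = {"/var/www/index.php": "clean"}  # constructed


@dataclass
class Server:
    golden: Dict[str, str] = field(default_factory=lambda: dict(GOLDEN_IMAGE))
    fs: Dict[str, str] = field(init=False)

    def __post_init__(self) -> None:
        self.fs = dict(self.golden)

    def rotate(self) -> None:
        """Replace the running image with a fresh copy of the golden image."""
        self.fs = dict(self.golden)


@dataclass
class Step:
    at: float                 # wall-clock time the attacker performs the step
    name: str
    needs: Optional[str]      # artifact that must still exist on the image
    leaves: Optional[str]     # artifact the step writes to the image


def run_chain(steps: List[Step], until: float,
              rotation_s: float = ROTATION_S) -> Tuple[int, Dict[str, str]]:
    """Play the chain against a rotating server.

    Returns (level, fs): `level` is the number of consecutive steps that
    succeeded (the report's "level two" is level == 2), and `fs` is the
    image's filesystem after all rotations up to time `until`.
    """
    srv = Server()
    next_rotation = rotation_s
    level = 0
    for i, step in enumerate(sorted(steps, key=lambda s: s.at), start=1):
        # Apply every rotation scheduled before this step runs.
        while next_rotation <= step.at:
            srv.rotate()
            next_rotation += rotation_s
        if step.needs is not None and step.needs not in srv.fs:
            break  # the foothold this step relies on was wiped
        if step.leaves is not None:
            srv.fs[step.leaves] = f"{step.name} at t={step.at}"
        level = i
    # Keep rotating until the observation time: even a completed chain
    # leaves nothing behind once the next replacement happens.
    while next_rotation <= until:
        srv.rotate()
        next_rotation += rotation_s
    return level, srv.fs


# Constructed chains: same two steps, different pacing.
SLOW_CHAIN = [
    Step(1.0, "rce drops webshell", None, "/var/www/shell.php"),
    Step(7.0, "webshell adds persistence", "/var/www/shell.php", "/etc/cron.d/persist"),
]
FAST_CHAIN = [
    Step(1.0, "rce drops webshell", None, "/var/www/shell.php"),
    Step(3.0, "webshell adds persistence", "/var/www/shell.php", "/etc/cron.d/persist"),
]

if __name__ == "__main__":
    for label, chain in (("slow", SLOW_CHAIN), ("fast", FAST_CHAIN)):
        level, fs = run_chain(chain, until=10.0)
        print(f"{label}: reached level {level}; image at t=10: {sorted(fs)}")
```

The slow chain's second step runs after the rotation at t=5 has removed the web shell, so it stops at level one. The fast chain completes both steps inside the first window (level two, matching the report's wording), but by t=10 the image has been replaced twice and holds only the golden file again; what the model cannot show is any effect on state outside the image, which is why the assumption above matters when reading the result.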

For a detailed technical description of the study, including the attack techniques and observations, you can download the paper at the link below:
