David Wolpoff, CTO at Randori, discusses security appliances and how attackers only have to pick one lock to invade an enterprise through them. Security tools are often the weakest link for organizations, and can be an attacker s best way into a network. A compromised VPN can lead to deep network access and lateral network access. A single security solution covers multiple security functions, and checks the box on many of the security controls you need. If the box is compromised, everything fails, this is the desired outcome of most attack campaigns.
Source: https://threatpost.com/breaking-into-security-appliances/167584/