A fun pass time we security folks share is to try and think of worst-case scenarios for everything. This hypothetical worst-case scenario just came to mind and I can't think of a playbook for dealing with it.

Imagine a Solarwinds type supply chain compromise but with a Vulnerability scanning platform instead, like if a malicious update is somehow pushed out to something like Nessus or OpenVAS.

Vuln scanners are by design supposed to reach every segment of your network, even the critical ones. Actually, especially the critical ones.

Even better, most firewalls, IDS, and IPS systems have exceptions for allowing the traffic and silencing any alarms. And even if they did trigger any alerts analysts would say …

case compromise cybersecurity design fun malicious nessus network openvas platform playbook scanners scanning scenario security segment share solarwinds supply supply chain supply chain compromise update vuln vulnerability vulnerability scanning