How's everyone handling their Ivanti patches?

How's everyone handling their Ivanti patches?

We applied the mitigation, they said "that one doesnt work, here's a new one. Also heres some patches for versions you don't have."

Then they said "Even if you show no signs of compromise, act like you're compromised, factory reset your shit, change your passwords, use new certs and then upgrade."

It's hard to brief management and say "The vendor doesn't really know, but it'll be something else they don't know tomorrow."

act change compromise compromised cybersecurity don factory handling ivanti mitigation passwords patches reset work