The goal of this talk is to provide the results of passive and active fingerprinting for SD-WAN systems using a common threat intelligence approach. We explore Internet-based and cloud-based publicly available SD-WAN systems using the well-known «Shodan» and «Censys» search engines and custom developed automation tools and show that most of the SD-WAN systems have known vulnerabilities related to outdated software and insecure configuration. Anton Nikolaev, Denis Kolegov, Oleg Broslavsky