Preface: Citrix Systems, Inc. is an American multinational software company that provides server, application and desktop virtualization, networking, software as a service (SaaS), and cloud computing technologies.

About data breach occurred on Dec 2018:
Citrix says that the late 2018 attack appears to be distinct from the likely password-spraying attack that was the focus of the FBI’s Wednesday warning to the technology firm.

Doubt? Believe that enterprise firm should have SIEM deployment. If SIEM has in placed, could it be something wrong of their correlation rules? Or there is another reasons behind?

What do you think?

Headline news: https://www.zdnet.com/article/citrix-discloses-security-breach-of-internal-network/