A short story about how a simple conversation about PKI and device authentication turned into a still unpatched vulnerability of one of the largest SD-WAN providers. As a security community, we must do better in holding security vendors to a higher standard. With Security being the one of the hottest markets, we must guard against vendor hype. We must be cautious about over-hyped solutions and ensure we are doing own due diligence on researching the risk security products have, no different than any other solution.