It’s no exaggeration to say that Heartbleed is a very big deal. However, the rush to mitigate Heartbleed vulnerabilities may have actually driven some businesses to take actions that actually increased their risk.
According to Netcraft’s SSL survey, more than 30,000 TLS/SSL certificates have been revoked/reissued keys that remain vulnerable to Heartbleed. Why did consumers and enterprises misunderstand the key components of Heartbleed?
Listen to episode 144 of our security slice podcast and hear Craig Young, Ken Westin, Dwayne Melancon and Lamar Bailey discuss why technical and consumer publications had knee-jerk reactions to Heartbleed, the need for security experts to provide step-by-step security guidance, and why password managers have become the unlikely heroes in the Heartbleed saga.
Click Here to Listen to the Podcast
- Security Slice: OpenSSL vs. LibreSSL
- Security Slice: The Botnet Wars
- Security Slice: The Verizon Data Breach Investigations Report
- Security Slice: Ground Control to Major Pwn
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock