The Heartbleed vulnerability is a very serious issue, as it affects the popular OpenSSL open source library that is used throughout the Internet as well as in private networks, and OpenSSL is used with a variety of networking products which means more than just one application or operating system is vulnerable.
While web servers are an obvious target, Heartbleed also affects FTP, IMAP, POP3, XMPP, and SMTP services, and since so many different applications are potentially vulnerable, quickly finding and remediating the vulnerability across multiple machines is a daunting task.
To find the Heartbleed vulnerability in your environment with Tripwire IP360, simply update to the latest ASPL release and run your scans as usual.
Be sure to join us for the webcast Heartbleed Outpatient Care: Steps for Secure Recovery on Thursday, April 17, 2014 1:00 PM EDT/10:00 AM PDT where we will be discussing the need for a robust security strategy for rapid reaction to vulnerabilities and threats.
In this webcast we will examine:
- The Heartbleed vulnerability in detail, how it occurred with examples of how it can be used against your organization
- How you can identify your business exposure and what systems are vulnerable
- How Tripwire’s solutions work together to help you close the detection, remediation and prevention gaps around Heartbleed
- Interrupting a Cyber Attack in Progress
- Ten Steps for Early Incident Detection
- Restoring Trust After a Data Breach
- How to Perform Early Detection of a Distributed Attack
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].
Title image courtesy of ShutterStock