Skip to main content

Heartbleed Bug: Vendor Compensating Controls

April 10, 2014

A critical vulnerability in OpenSSL (CVE-2014-0160) known as the Heartbleed Bug was recently disclosed, affecting servers running OpenSSL 1.0.1 through 1.0.1f. This vulnerability allows arbitrary memory readout, compromising the integrity of the secure channel, potentially exposing personal information such as passwords, credit card information and emails.

Yesterday, we published a white paper on the Heartbleed Bug, its implications and recommendations for remediation. Today, we published a supplemental paper on compensating controls released by specific vendors to detect and block attempts at exploiting this vulnerability. This additional paper includes specific instructions on how to install and monitor the controls. We will continue to update this paper as new vendor threat prevention databases are released, so please check back regularly.

Related Blogs

August 23, 2016

Business Driven Vendor Risk Assessment Template

The pace and level of outsourcing has continued to evolve and now includes any and all business areas and cloud services. Outsourcing decisions often ...

See Details

January 14, 2014

Securing the Hypervisor: Tools & Guides from Leading Vendors

A recent breach of the SSL tools website appears to be the result of insecure passwords on the service provider’s hypervisor, which al...

See Details

September 08, 2015

High 5 for iOS 9

It’s September, and as we say farewell to summer, we anticipate another iOS update coming over the horizon. While this time of year can be stressful f...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.

Privacy Policy

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.


Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cybersecurity Events in your area.