Vulnerability researchers scored major points last week by unearthing the so-called “Heartbleed Bug” in the widely used OpenSSL cryptographic software library – truly a significant discovery given that the issue impacts a huge number of web sites, including those of most enterprises.
To underscore the severity of the issue, researchers involved have defensibly dubbed the vulnerability “one of the most serious security problems to ever affect the modern web”.
As with the identification of many other such far-reaching software flaws, news of the discovery sent a lot of organizations running to address their newly apprised OpenSSL exposures. As of yet it is unknown if there have been any real-world attacks designed to exploit Heartbleed, but even if that is not the case, one can assume that such threats are currently under development.
Another impact of the Heartbleed vulnerability – so named because it literally cuts so deeply in terms of its applicability – is that any software providers who somehow utilize OpenSSL in their products were forced to assess the impact of the bug on their customers.
Ironically, this legion of technology vendors also included many security solutions providers as OpenSSL is just so ubiquitous. It’s hardly a sign of incompetence when security experts get caught out by such a far-reaching issue, but, as the providers responsible for shutting the doors on attacks, such a situation is doubly disconcerting.
So, here’s the part where you’re expecting me to offer a mea culpa and claim minimal responsibility on FireMon’s part for getting sprayed by some of the Heartbleed fallout. We do, after all, use OpenSSL in our products.
Except that didn’t happen; instead of falling on our sword, here’s another place where FireMon developers find opportunity to give themselves a pat on the back. Once again, FireMon’s commitment to going the extra mile paid off – our platform continues to use the strongest encryption available to ensure the security of your data between client and server, and because of that, Heartbleed doesn’t impact our solutions.
Without seeming too opportunistic or taking pleasure in a misfortune that surely affected a lot of respectable software providers, I will note that at least one of our competitors was forced to issue a vulnerability bulletin as their version of OpenSSL was left open to potential attack. It is what it is, but, without gloating, FireMon did not have to do so.
Beyond that relatively straightforward observation, there’s actually a lot to talk about related to FireMon and Heartbleed. If your organization was somehow exposed to potential attack by the bug, our Security Intelligence Platform can rapidly identify just how and where systems and assets are at risk, and how to rapidly address those issues.
To be specific, using FireMon’s patented Security Manager assessment engine, along with its Risk Analyzer Module, enterprises can rapidly determine precisely where open access across their networks leaves Heartbleed (CVE-2014-0160) exposed and reachable within their networks.
Further, Risk Analyzer will also recommend a prioritized list of patches that can be applied to protect against potential Heartbleed attacks, as well as prioritize remediation of all other known vulnerabilities.
Lastly, but perhaps even more importantly, as it is often easier and faster to restrict vulnerability exposure by changing network security device rules and configurations, FireMon can rapidly identify any existing policies that can be altered to prevent access without patching involved systems.
The ability of organizations to address Heartbleed using FireMon also highlights the frequently underappreciated point that network security remains the most critical underlying layer of defense that today’s organizations rely on.
Even when Web security solutions, advanced threat detection or vulnerability management tools cannot address a previously unknown issue such as Heartbleed, altering network security defenses to account for potential attacks provides a direct and practical strategy.
If your organization is seeking methods to better defend itself against Heartbleed exploitation, or truthfully any such threats, get in touch with FireMon today. Not only can we help address this particular issue, our Proactive Security Intelligence solutions platform can dramatically improve all matters of secure network access management.