Get a free application, infrastructure and malware scan report - Scan Your Website Now

Subscribe to our Newsletter
Try AppTrana WAAP (WAF)

Managed WAF

Starts at $99

Guided onboarding, monitoring of latency, false positives, and DDoS attacks, custom rules, and more

Try Free For 14 Days

Real time, continuous detection, defense and protection from Heartbleed by Indusface

Posted DateApril 18, 2014
Posted Time 2   min Read

The day the world got to know of Heartbleed, is going to be a day that security professionals, across organizations, more than anyone else will remember in infamy. The moment word got out of this vulnerability via the security intelligence community, Indusface’s security teams have been working overtime to ensure all locks are in place to protect customers with mission-critical websites from exposure due to Heartbleed. We proactively reached out to all our customers by issuing a security incident report and suggesting remediation guidelines for this vulnerability.

As a precautionary measure, Indusface in collaboration with most of its customer’s security teams volunteered to perform automated application scanning and manual penetration tests, across the internet-facing assets which customers wanted to be tested for security issues related to Heartbleed. In parallel, the signatures in our automated scanning solution were upgraded within 24 hours to ensure that such issues were detected in future scans. This has further strengthened our ability to continuously monitor and detect this vulnerability, and ensure that it is fixed in a timely manner. Organizations within our security ecosystem were informed to avail free application security checks for all their application assets and still can do so.

Interestingly, we encountered a situation where two customers had a serious issue introduced by a recently acquired layer 7 protection device. Even though this was not in the scope of work defined, our security experts worked round the clock to help the customer troubleshoot and identify the issues. Upon identification, fixes were recommended and implemented to ensure customer’s assets were secured.

Unfortunately, since an exploit due to this vulnerability does not leave a trail of leads to follow on to its detection, it is important for security teams to provide the utmost vigilance in proactively staying a step ahead of all possible known exploits that could happen here.

Our real-time methodology to place the right detection, defense and protection mechanisms in place for our customers showcases the powerful strength of our solution’s capabilities. We will continue to enhance our solutions to continuously help our customers stay secure from any issues cropping up due to any vulnerabilities, as of now specifically Heartbleed.

Stay tuned for more relevant and interesting security articles. Follow Indusface on FacebookTwitter, and LinkedIn.

web application security banner

Venkatesh Sundar

Venky is an Application Security technologist who built the new age Web application Scanner and Cloud WAF - AppTrana at Indusface as a Founding CTO. Currently, he spends his time on driving Product Roadmap, Customer Success, Growth, and technology adoption for US businesses.

Share Article:

Join 47000+ Security Leaders

Get weekly tips on blocking ransomware, DDoS and bot attacks and Zero-day threats.

We're committed to your privacy. indusface uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.

Related Posts

Heartbleed or Shellshock
Heartbleed or Shellshock – Which one is more danger?

There have been several atrocious security vulnerabilities announced in the last few months, with “Heartbleed” in web servers and Shellshock in shell command lines. There are too many questions in the.

Read More
Heartbleed still bleeding your security
Heartbleed still bleeding your security?

Google and Codenomicon were responsible for finding the Heartbleed bug which had remained hidden for more than two years.

Read More
OpenSSL MITM CCS vulnerability
OpenSSL MITM CCS vulnerability and its impact

Within weeks of the infamous Heartbleed vulnerability in one of the world’s most commonly used open-source software OpenSSL, more vulnerabilities have been found in OpenSSL. One of the reasons for.

Read More

AppTrana

Fully Managed SaaS-Based Web Application Security Solution

Get free access to Integrated Application Scanner, Web Application Firewall, DDoS & Bot Mitigation, and CDN for 14 days

Get Started for Free Request a Demo

Gartner

Indusface is the only cloud WAAP (WAF) vendor with 100% Customer Recommendation for 3 consecutive years.

A Customers’ Choice for 2022 and 2023 - Gartner® Peer Insights™

The reviews and ratings are in!