Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

Heartbleed protection with HP TippingPoint

MarthaAviles ‎04-10-2014 09:15 AM - edited ‎09-25-2015 08:25 AM

What is the vulnerability? How does it take advantage of a network or system?

The Heartbleed bug affects OpenSSL—allowing attackers to infiltrate areas of memory from a system running the software. By accessing these areas of memory, the names and passwords—as well as actual content—are open to data theft.


How are HP TippingPoint customers protected?

The HP TippingPoint DVLabs team began evaluating the available data and PoCs on April 8, 2014

in order to provide a vulnerability signature in an ad-hoc release of the TippingPoint Digital Vaccine.  In the meantime, we have released a custom filter package to our customers until the official DV is ready.


The coverage provided by this custom filter, similar to all currently available vendor-provided filters, will detect large SSL heartbeat responses (over 200 bytes) to indicate whether the vulnerability has possibly been exploited. This filter protects HP TippingPoint customers until a more comprehensive Digital Vaccine is released.


In the meantime, we strongly recommend that everyone observe the published best practices to limit exposure:

  • Upgrade if possible (if not, then disable heartbeats)
  • Revoke all current keys and replace them with new ones
  • Change any credentials that may have been loaded into memory by the vulnerable processes
  • See additional information on “Thoughts on the Heartbleed bug.”


We have also verified that the HP TippingPoint NGIPS, SMS and NGFW platforms, as well as the Threat Management Center (TMC) portal, are not vulnerable to this OpenSSL vulnerability.


Where can you find more information on this vulnerability?

More information can be found on this vulnerability on the National Vulnerability Database

About the Author


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
January 2016
Software Expert Days - 2016
Join us online to talk directly with our Software experts during the online Expert Days - see details below. Software experts do not monitor this foru...
Read more
See board event postings
Vivit Events - 2016
Learn about upcoming Vivit webinars and live events in 2016.
Read more
View all