Protect Your Assets
Showing results for 
Search instead for 
Do you mean 

Fortify on Demand Heartbleed Update

Ryan_English ‎04-10-2014 01:27 PM - edited ‎08-03-2015 06:42 AM

The number of blog posts and news articles related to Heartbleed is rapidly expanding. Yahoo is showing 11,400 news articles.  Google is showing around 44,300. 

  

As director of the Fortify on Demand team, I have decided to respond in the form of a (public) customer communication.  Here are a couple of key updates for those who use our services:

 

  • We have validated that our three primary Fortify on Demand data centers (US, UK, & Singapore) were not exposed to the Heartbleed vulnerability.  Note: This also validates the need to have technology in place to be able to maintain a list of utilized Open Source components.
  • If you are a current customer, you will be hearing from your Technical Account Manager ASAP to discuss an exploratory assessment of your environment to ensure you were not affected by the Heartbleed exploit.  This is something we are offering at no cost to existing Fortify on Demand customers.  

We invite the OpenSSL project to join our Fortify Open Source Review for free static assessments.

 

For any additional questions, feel free to reach out to us on Twitter @hpappsecurity or via email fodsales(at)hp.com

 

Ryan English

Director,  Fortify on Demand

0 Kudos
About the Author

Ryan_English

Comments
Alouicious L
on ‎04-11-2014 01:39 PM

Are you saying that Fortify would have caught the bug?

Events
Each Month in 2016
Online
Software Expert Days - 2016
Join us online to talk directly with our Software experts during online Expert Days. Find information here about past, current, and upcoming Expert Da...
Read more
Sep 30
Seattle, WA
OpenStack Days Seattle
OpenStack Days Seattle, September 30, is the largest gathering of OpenStack users and prospective users in the Pacific Northwest region.
Read more
View all