Fortify on Demand Heartbleed Update

The number of blog posts and news articles related to Heartbleed is rapidly expanding. Yahoo is showing 11,400 news articles.  Google is showing around 44,300. 

  heartlock.jpg

As director of the Fortify on Demand team, I have decided to respond in the form of a (public) customer communication.  Here are a couple of key updates for those who use our services:

 

  • We have validated that our three primary Fortify on Demand data centers (US, UK, & Singapore) were not exposed to the Heartbleed vulnerability.  Note: This also validates the need to have technology in place to be able to maintain a list of utilized Open Source components.
  • If you are a current customer, you will be hearing from your Technical Account Manager ASAP to discuss an exploratory assessment of your environment to ensure you were not affected by the Heartbleed exploit.  This is something we are offering at no cost to existing Fortify on Demand customers.  

We invite the OpenSSL project to join our Fortify Open Source Review for free static assessments.

 

For any additional questions, feel free to reach out to us on Twitter @hpappsecurity or via email fodsales(at)hp.com

 

Ryan English

Director,  Fortify on Demand

Comments
Alouicious L(anon) | ‎04-11-2014 01:39 PM

Are you saying that Fortify would have caught the bug?

Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
Search
About the Author


Follow Us
The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation