The Heartbleed Bug: how to protect your business with Symantec

What you can do next time

Published October 2014

The discovery of the Heartbleed bug in April, 2014 exposed a serious vulnerability in OpenSSL, an open-source cryptographic library often used with applications and web servers like Apache and Nginx. This latest high profile, targeted attack allowed infiltrators access to the memory of web servers running vulnerable versions of the library. Heartbleed quickly compromised the privacy for communications applications on the Web such as e-commerce, banking, email, and instant messaging, and opened the door to the interception of user information, passwords, and identities.

While the world now knows of the widespread havoc Heartbleed has caused to both businesses and individuals, it begs the question, “What happens when the next Heartbleed (or worse) comes along, and what can an organization do to weather yet another chapter in an all-too-familiar string of debilitating attacks?