Cisco recently claimed that nearly half of all websites that deploy OpenSSL could still be vulnerable to Heartbleed. Neil Thacker, Information Security & Strategy Officer at Websense, believes it’s difficult to establish how many sites are vulnerable to Heartbleed. As a result, he urges that businesses must act vigilantly around the security of their sites and that consumers must ensure they aren’t visiting compromised sites.
Free Cyber Security Training! Join the revolution today!
Provided below is Thacker’s comment in full:
“It’s extremely difficult to put a figure on the exact number of websites that remain vulnerable to Heartbleed. But the fact remains that the onus is firmly on businesses to remain vigilant in ensuring the security of their websites.
“Patching is always an issue, especially when it comes to patching open-source and web servers. We recommend any businesses and consumers to monitor for sites that are vulnerable to Heartbleed, as well as other known vulnerabilities, and ensure events relating to these sites are monitored.
“Therefore inline real-time proxies that can identify these vulnerabilities and offer a countermeasure to web-based threats are critical. Web traffic should be monitored for known vulnerabilities 24×7.
“Anyone who wants to check for Heartbleed vulnerabilities on any websites they access should visit now.”
By Neil Thacker, Information Security & Strategy Officer, Websense
About Websense
Websense TRITON stops more threats; visit www.websense.com/proveit to see proof. To access the latest Websense security insights and connect through social media, please visit www.websense.com/smc. For more information, visit www.websense.com and www.websense.com/triton.
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.