Stop the Heartbleed: Protecting Yourself from OpenSSL

A resource guide to help you learn more and protect your organization

Whiteboard Video: OpenSSL Heartbleed Vulnerability Explained & Tips for Protection

In this whiteboard video Trey Ford, Global Security Strategist at Rapid7, will talk about the OpenSSL vulnerability called Heartbleed.

Trey will give some background information around the Heartbleed vulnerability, will discuss what is affected by this vulnerability, and will tell you how you can fix this problem in your environment.

Watch this whiteboard video for more information around the OpenSSL vulnerability “Heartbleed” and learn how you can protect yourself and your organization from this security flaw.

Free Heartbleed Vulnerability Scanner: Scanner dedicated to CVE-2014-0160

Download this free scanner dedicated to CVE-2014-0160. Quickly scan your entire environment to see where you are affected by this serious vulnerability. Download now.

Free Nexpose Download: Now you can scan for vulnerability CVE-2014-0160

Download Nexpose today and run authenticated and unauthenticated checks for Heartbleed and any other vulnerabilities on your network. Scan your entire environment externally and internally to see what vulnerabilities you have within your network including Heartbleed. Download now.

Free Metasploit Download: Now you can exploit CVE-2014-0160 in Your Environment

Download a free trial of Metasploit to safely simulate an attack against the Heartbleed vulnerability in OpenSSL. Show proof and increase urgency to get this vulnerability patched. Download now.

Free UserInsight Download: See if your account credentials have been stolen by an attacker

Have your account credentials been compromised due to Heartbleed? Chances are, you have no idea. UserInsight can help you easily detect which accounts of yours have been compromised by an outside attacker. Download now.

Webcast: Heartbleed War Room: Briefing, Strategy and Q&A

The OpenSSL Heartbleed vulnerability rocked the world of security professionals. The task of securing your organization from this single vulnerability can seem overwhelming. In this webcast, security strategist Trey Ford and security researcher Mark Schloesser will:

  • Help you understand how the vulnerability is exploited
  • Discuss the impact it has on the system
  • Explain how to detect if you are vulnerable
  • Discuss the best way to develop a strategy to secure your environment
  • Answer your questions on how to secure your environment (Q&A) 

Blog Post: Heartbleed War Room - FAQ

We had a blog post on April 10th around the Heartbleed vulnerability. There were lots of great questions that we couldn't get to during the live recording so we answered them all here. Get the details here.

Blog Post: Assessing Your Heartbleed: How to Scan for this Vulnerability in Nexpose

Do you want to see what assets in your network are vulnerable to Heartbleed? Read this blog post to see how you can scan your network for this vulnerability. Get the details here.

Blog Post: Heartbleed War Room - Product FAQ

Do you use Rapid7 products in your organization? Read this blog post to see how our products help you detect and remediate the assets on your network that are vulnerable to Heartbleed. Get the details here.

Still wondering if you are affected by the OpenSSL Heartbleed vulnerability? We have compiled a list of resources to help you learn more about Heartbleed and tools to help you investigate how this impacts your environment.