Customer Announcement: Securing Your Applications From Heartbleed

heartbleedIf you are a current Veracode customer, we’re delighted to announce that we can help you rapidly address the Heartbleed bug. We are offering our comprehensive capabilities for application vulnerability detection to all our customers, at no-charge, to help you respond to this threat.

What is Veracode doing to help our customers?

We have two capabilities in particular to help you determine your risks from Heartbleed. These services will identify potentially vulnerable components in both your application code and public facing websites.

  • Heartbleed Component Analysis: Our software composition analysis engine looks for evidence of use of OpenSSL in your code (static analysis) and produces a report detailing at risk applications.
  • Heartbleed Web Perimeter Analysis: Our massively parallel dynamic analysis Discovery technology detects the use of OpenSSL and produces a report of vulnerable websites.

Learn more about what we’re doing to help our customers here.

Or reach out to us directly to get started with securing your application infrastructure.

R G | April 17, 2014 11:51 am

Does Veracode’s DynamicDS scan also have the ability to detect Heartbleed?

Marc Moesse | April 21, 2014 10:29 am

Hey RG, the the Heartbleed web assessment is a new capability that is built on our Discovery engine. It is not run from DynamicDS. We thought it made the most sense to provide a capability for our customers that allows them to assess for Heartbleed at massive scale as there are plenty of tools available that can assess a single website. Thank you.

Please Post Your Comments & Reviews

Your email address will not be published. Required fields are marked *

*

RSS feed for comments on this post