ExtraHop Introduces Free Enterprise Offering to Stem the ‘Heartbleed’ Bug with Deep Visibility into IT Environments

Paul Atherton – Enabling Technology to Drive Commercial Benefit In his first blog Paul Atherton, Chief Sales & Marketing Officer at Kings Security discusses what is possible for security in integrating new innovative technologies. Read on »
Bob Forsyth – Cloud Technology, trajectory of the future In his latest blog for Infologue Bob Forsyth, Chief Executive Officer at Kings Security writes about Cloud Technology and its prospective applications for the security sector.  Read on »
Churchill Services Group announces the launch of its new rebranded security division Churchill Services Group has today announced the launch of its new rebranded security division – ‘Amulet’. Read on »
Friday, 19 October 2018

ExtraHop Introduces Free Enterprise Offering to Stem the ‘Heartbleed’ Bug with Deep Visibility into IT Environments

ExtraHop, the global leader in real-time wire-data analytics for IT operational intelligence, today announced a free enterprise solution designed to help security and IT operations teams rapidly detect the Heartbleed exploit in SSL servers, proactively patch affected services, and reissue certificates before security is further compromised.

Threats like Heartbleed that operate under the radar for extended periods of time as well as those that are more readily identified like the November 2013 Target data breach, call for greater cooperation between both security and IT operations teams. Just as DevOps methodologies evolved to unify development/test and IT operations, a similar shift in IT is occurring with SecOps – a cross-departmental approach where siloed security and IT operations teams collaborate to proactively and consistently monitor systems and network activity to protect their business from attacks. Wire data is a crucial, cross-tier source of visibility enabling this cooperation between security and operations.

“Everyone understands the commercial sense of 24×7 availability, the value of real-time business interactions, and the operational efficiency that comes from maintaining the highest possible levels of availability. With this in mind, it is difficult to understand why downtime caused by security failures is viewed so differently. If efforts to keep business systems up and running under all operational circumstances are accepted as being vital to the health of the business, why is it that not enough focus is placed on the need to protect organisations from attacks that can cause significant downtime, customer inconvenience, and reputational damage?” said Andrew Kellett, Principal Analyst, Software–IT Solutions at global analyst firm, Ovum, in his report titled “Proactive security is required in highly regulated industries.”

“While security and operations have often been treated as separate and distinct functions within the IT organisation, the goals of these teams are very much the same – keep vital business systems up and running while reducing risk to the organisation,” said Jesse Rothstein, CEO, ExtraHop. “The Heartbleed vulnerability underscores the need for greater prioritisation of security concerns within operations, and a more collaborative ‘SecOps’ approach that ensures both availability and security across the IT environment.”

Leveraging ExtraHop’s wire data analytics platform, the Heartbleed solution is purpose-built to equip IT operations and security teams with the visibility they need to collaboratively identify and eliminate vulnerabilities while limiting disruption to the organisation and its customers.

Benefits include:

· Proactively identify potential threats with SSL transaction analysis, including certificates used, session details, cipher suites, connections over time, record sizes, and other metrics for every SSL transaction.
· Analyse SSL records by content type, including application data, change cipher, handshakes, alerts, and even heartbeats – the message used in the Heartbleed exploit.
· Identify spikes in SSL traffic by heartbeat to alert IT to potential exploitation of the Heartbleed vulnerability.
· Map the geographic origin of requests for a particular protocol in real-time with ExtraHop geomap capability, enabling businesses to spot heartbeat messages of suspicious or unusual origin.

The Heartbleed-specific bundle expands the capabilities of the ExtraHop compliance and security solution, which delivers correlated, cross-tier visibility for IT teams to pervasively and persistently monitor their environments and detect anomalous behavior. This approach complements intrusion prevention (IPS), intrusion detection (IDS), and Security Information and Event Management (SIEM) systems, laying the foundation for deep collaboration between IT operations and IT security teams.

To begin detecting Heartbleed exploits immediately, customer must download the free-forever ExtraHop virtual appliance and then install the Heartbleed solution bundle. These are available on the website.

ExtraHop Website

Leave a Reply

Your email address will not be published. Required fields are marked *


Interconnective Security Products