Join today and have your say! It’s FREE!

Become a member today, It's free!

We will not release or resell your information to third parties without your permission.
Please Try Again
{{ error }}
By providing my email, I consent to receiving investment related electronic messages from Stockhouse.

or

Sign In

Please Try Again
{{ error }}
Password Hint : {{passwordHint}}
Forgot Password?

or

Please Try Again {{ error }}

Send my password

SUCCESS
An email was sent with password retrieval instructions. Please go to the link in the email message to retrieve your password.

Become a member today, It's free!

We will not release or resell your information to third parties without your permission.

Qualys Releases Detection for HeartBleed OpenSSL Vulnerability

QLYS

Critical Vulnerability Can Be Detected via Qualys SSL Labs Server Test or Directly With QualysGuard Vulnerability Management Cloud Service

REDWOOD SHORES, CA--(Marketwired - Apr 8, 2014) - Qualys, Inc. (NASDAQ: QLYS), a pioneer and leading provider of cloud security and compliance solutions, today announced that the Qualys SSL Labs service detects the OpenSSL vulnerability disclosed yesterday as "HeartBleed" (CVE-2014-0160). Administrators responsible for the security of websites can access the free tool at https://www.ssllabs.com, enter a URL and find out on whether their site is vulnerable to the new threat, as well as get information about the overall health of the site's SSL implementation. Qualys reports that traffic to the SSL Labs site has grown by an order of magnitude since the new vulnerability was announced. 

For QualysGuard customers the HeartBleed issue also is detectable by the QualysGuard Vulnerability Management (VM) cloud service as QID 42430. This means that Qualys customers can get reports detailing their enterprise-wide exposure whenever they next scan their assets, which allows them to efficiently remediate the issue. 

"The HeartBleed vulnerability is easy to exploit and there are already many proof-of-concept tools available that one can use in minutes," said Ivan Ristic, Director of Engineering at Qualys and renowned SSL technology expert. "After a successful attack, the attacker can obtain a large chunk of server memory, which can contain server private keys, session keys, passwords and other sensitive data. IT administrators need to map their exposure and install the patched version wherever necessary."

About Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud security and compliance solutions with over 6,700 customers in more than 100 countries, including a majority of each of the Forbes Global 100 and Fortune 100. The QualysGuard Cloud Platform and integrated suite of solutions help organizations simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and Web applications. Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations, including Accuvant, BT, Dell SecureWorks, Fujitsu, NTT, Symantec, Verizon, and Wipro. The company is also a founding member of the CloudSecurityAlliance (CSA).

For more information, please visit www.qualys.com.

Qualys, the Qualys logo and QualysGuard are proprietary trademarks of Qualys, Inc. All other products or names may be trademarks of their respective companies.

Tags:


Get the latest news and updates from Stockhouse on social media

Follow STOCKHOUSE Today