SlideShare a Scribd company logo

Heartbleed

Download as PPT, PDF
Hemant Mittal
Hemant Mittal

This seminar presentation discusses the Heartbleed vulnerability, which affected the OpenSSL implementation of the SSL/TLS protocols. It notes that many Android devices and Linux browsers were likely vulnerable, while iOS, Mac OS X, and browsers using Microsoft's SSL implementation were not. The presentation recommends continuous monitoring with IDS/IPS devices and vulnerability scans to detect any exploits of Heartbleed, and lists other potentially vulnerable devices like IP phones, routers, medical equipment and smart TVs.

1 of 18
A SEMINAR PRESENTATION ON BY :HEMANT MITAL
4/02/15
4/02/15
4/02/15
4/02/15
What else? ● Most Android devices are vulnerable. ● iOS and Mac OSX are not vulnerable. -but some 3rd party iOS apps are. ● Most Linux browsers are probably vulnerable.
WHAT ELSE ? • IP phones • Routers • Medical devices • Smart TV sets • embedded devices
Safe(r) Browsers ● Firefox, Chrome, and IE (on Windows) use the Microsoft implementation of SSL not OpenSSL. ● Internet Informations Server/Services (IIS) are not vulnerable.
What is Information Security doing? ● Continuous monitoring for this vulnerability with both IDS and IPS devices. ● Vulnerability scans. - not as effective since it's a snapshot in time but a good starting point.

Recommended

Developing secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov EndavaDeveloping secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov EndavaMoldova ICT Summit
 
User's Guide to Online Privacy
User's Guide to Online PrivacyUser's Guide to Online Privacy
User's Guide to Online Privacycdunk12
 
Cyber security
Cyber securityCyber security
Cyber security
Arjun Chetry
 
DoubleDirect - MitM
DoubleDirect - MitM DoubleDirect - MitM
DoubleDirect - MitM
Chandrak Trivedi
 
Network basic security
Network basic securityNetwork basic security
Network basic securityMohamed Radji
 
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce... The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
SignalSEC Ltd.
 
Senior Technology Education
Senior Technology EducationSenior Technology Education
Senior Technology Education
Summerpair77
 
Internet
InternetInternet
Internet
youssefchefcher
 

Recommended

Developing secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov EndavaDeveloping secure mobile apps by Alexandru Catariov Endava
Developing secure mobile apps by Alexandru Catariov EndavaMoldova ICT Summit
 
User's Guide to Online Privacy
User's Guide to Online PrivacyUser's Guide to Online Privacy
User's Guide to Online Privacycdunk12
 
Cyber security
Cyber securityCyber security
Cyber security
Arjun Chetry
 
DoubleDirect - MitM
DoubleDirect - MitM DoubleDirect - MitM
DoubleDirect - MitM
Chandrak Trivedi
 
Network basic security
Network basic securityNetwork basic security
Network basic securityMohamed Radji
 
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce... The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
The Market for Cyber Weapons - NATO Cooperative Cyber Defence Centre of Exce...
SignalSEC Ltd.
 
Senior Technology Education
Senior Technology EducationSenior Technology Education
Senior Technology Education
Summerpair77
 
Internet
InternetInternet
Internet
youssefchefcher
 
Technology seminar (1)
Technology seminar (1)Technology seminar (1)
Technology seminar (1)
AnuSaji5
 
Mobile Device Management & Data Protection
Mobile Device Management & Data ProtectionMobile Device Management & Data Protection
Mobile Device Management & Data Protection
GeekTek IT Services
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
Bryley Systems Inc.
 
Cyber Essentials for Managers
Cyber Essentials for ManagersCyber Essentials for Managers
Cyber Essentials for Managers
blogzilla
 
Four ways to secure the internet of things - infographic
Four ways to secure the internet of things - infographicFour ways to secure the internet of things - infographic
Four ways to secure the internet of things - infographic
Cheapest SSLs
 
STSAFE-A: certified security for IoT devices and services
STSAFE-A: certified security for IoT devices and servicesSTSAFE-A: certified security for IoT devices and services
STSAFE-A: certified security for IoT devices and services
Sylvie Boube-Politano
 
Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
Internet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes previewInternet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes preview
Swapnil Deshmukh
 
VenkaSure Total Security+
VenkaSure Total Security+VenkaSure Total Security+
VenkaSure Total Security+
Venkasys Technologies Pvt. Ltd.
 
089 generictoptipsposter
089 generictoptipsposter089 generictoptipsposter
089 generictoptipsposterWarsi Wa
 
Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14 Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14
Mobile Edge Event
 
Mobile (in)security ?
Mobile (in)security ?Mobile (in)security ?
Mobile (in)security ?
Cláudio André
 
3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security3 Most Common Threats Of Information Security
3 Most Common Threats Of Information SecurityAna Meskovska
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
Ankur Kumar
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
Dushyant Singh
 
online and offline computer security
online and offline computer securityonline and offline computer security
online and offline computer security
Abhishek Pansuriya
 
1. Mobile Application (In)security
1. Mobile Application (In)security1. Mobile Application (In)security
1. Mobile Application (In)security
Sam Bowne
 
NETWORK SECURITY AND VIRUSES
NETWORK SECURITY AND VIRUSESNETWORK SECURITY AND VIRUSES
NETWORK SECURITY AND VIRUSES
Sumit Pandey
 
Smart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSmart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and Exploitation
SecureState
 
Thailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet ThailandThailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet Thailand
Aruj Thirawat
 
Developing for Android Wear
Developing for Android WearDeveloping for Android Wear
Developing for Android Wear
Can Elmas
 
Five Things Every Win32 Developer Should Know
Five Things Every Win32 Developer Should KnowFive Things Every Win32 Developer Should Know
Five Things Every Win32 Developer Should Knowwvdang
 

More Related Content

What's hot

Technology seminar (1)
Technology seminar (1)Technology seminar (1)
Technology seminar (1)
AnuSaji5
 
Mobile Device Management & Data Protection
Mobile Device Management & Data ProtectionMobile Device Management & Data Protection
Mobile Device Management & Data Protection
GeekTek IT Services
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
Bryley Systems Inc.
 
Cyber Essentials for Managers
Cyber Essentials for ManagersCyber Essentials for Managers
Cyber Essentials for Managers
blogzilla
 
Four ways to secure the internet of things - infographic
Four ways to secure the internet of things - infographicFour ways to secure the internet of things - infographic
Four ways to secure the internet of things - infographic
Cheapest SSLs
 
STSAFE-A: certified security for IoT devices and services
STSAFE-A: certified security for IoT devices and servicesSTSAFE-A: certified security for IoT devices and services
STSAFE-A: certified security for IoT devices and services
Sylvie Boube-Politano
 
Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
Jose L. Quiñones-Borrero
 
Internet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes previewInternet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes preview
Swapnil Deshmukh
 
VenkaSure Total Security+
VenkaSure Total Security+VenkaSure Total Security+
VenkaSure Total Security+
Venkasys Technologies Pvt. Ltd.
 
089 generictoptipsposter
089 generictoptipsposter089 generictoptipsposter
089 generictoptipsposterWarsi Wa
 
Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14 Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14
Mobile Edge Event
 
Mobile (in)security ?
Mobile (in)security ?Mobile (in)security ?
Mobile (in)security ?
Cláudio André
 
3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security3 Most Common Threats Of Information Security
3 Most Common Threats Of Information SecurityAna Meskovska
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
Ankur Kumar
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
Dushyant Singh
 
online and offline computer security
online and offline computer securityonline and offline computer security
online and offline computer security
Abhishek Pansuriya
 
1. Mobile Application (In)security
1. Mobile Application (In)security1. Mobile Application (In)security
1. Mobile Application (In)security
Sam Bowne
 
NETWORK SECURITY AND VIRUSES
NETWORK SECURITY AND VIRUSESNETWORK SECURITY AND VIRUSES
NETWORK SECURITY AND VIRUSES
Sumit Pandey
 
Smart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSmart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and Exploitation
SecureState
 
Thailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet ThailandThailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet Thailand
Aruj Thirawat
 

What's hot (20)

Technology seminar (1)
Technology seminar (1)Technology seminar (1)
Technology seminar (1)
 
Mobile Device Management & Data Protection
Mobile Device Management & Data ProtectionMobile Device Management & Data Protection
Mobile Device Management & Data Protection
 
Computer Network Security
Computer Network SecurityComputer Network Security
Computer Network Security
 
Cyber Essentials for Managers
Cyber Essentials for ManagersCyber Essentials for Managers
Cyber Essentials for Managers
 
Four ways to secure the internet of things - infographic
Four ways to secure the internet of things - infographicFour ways to secure the internet of things - infographic
Four ways to secure the internet of things - infographic
 
STSAFE-A: certified security for IoT devices and services
STSAFE-A: certified security for IoT devices and servicesSTSAFE-A: certified security for IoT devices and services
STSAFE-A: certified security for IoT devices and services
 
Securing Your Business
Securing Your BusinessSecuring Your Business
Securing Your Business
 
Internet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes previewInternet of Things - Breaking 20 devices in 20 minutes preview
Internet of Things - Breaking 20 devices in 20 minutes preview
 
VenkaSure Total Security+
VenkaSure Total Security+VenkaSure Total Security+
VenkaSure Total Security+
 
089 generictoptipsposter
089 generictoptipsposter089 generictoptipsposter
089 generictoptipsposter
 
Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14 Mobile (in)security? @ Mobile Edge '14
Mobile (in)security? @ Mobile Edge '14
 
Mobile (in)security ?
Mobile (in)security ?Mobile (in)security ?
Mobile (in)security ?
 
3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security3 Most Common Threats Of Information Security
3 Most Common Threats Of Information Security
 
Computer , Internet and physical security.
Computer , Internet and physical security.Computer , Internet and physical security.
Computer , Internet and physical security.
 
Basics of Network Security
Basics of Network SecurityBasics of Network Security
Basics of Network Security
 
online and offline computer security
online and offline computer securityonline and offline computer security
online and offline computer security
 
1. Mobile Application (In)security
1. Mobile Application (In)security1. Mobile Application (In)security
1. Mobile Application (In)security
 
NETWORK SECURITY AND VIRUSES
NETWORK SECURITY AND VIRUSESNETWORK SECURITY AND VIRUSES
NETWORK SECURITY AND VIRUSES
 
Smart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and ExploitationSmart Bombs: Mobile Vulnerability and Exploitation
Smart Bombs: Mobile Vulnerability and Exploitation
 
Thailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet ThailandThailand Threat Telemetry 2016 by Fortinet Thailand
Thailand Threat Telemetry 2016 by Fortinet Thailand
 

Viewers also liked

Developing for Android Wear
Developing for Android WearDeveloping for Android Wear
Developing for Android Wear
Can Elmas
 
Five Things Every Win32 Developer Should Know
Five Things Every Win32 Developer Should KnowFive Things Every Win32 Developer Should Know
Five Things Every Win32 Developer Should Knowwvdang
 
Marketing Personas (product camp jul2015)
Marketing Personas (product camp jul2015)Marketing Personas (product camp jul2015)
Marketing Personas (product camp jul2015)
ProductCamp Toronto
 
Extending Android with New Devices
Extending Android with New DevicesExtending Android with New Devices
Extending Android with New Devices
Shree Kumar
 
MIT Enterprise Forum
MIT Enterprise ForumMIT Enterprise Forum
MIT Enterprise Forum
Bernard Huang
 
Mosec, Mobile Secretary - Betaspring Demo Day Pitch
Mosec, Mobile Secretary - Betaspring Demo Day PitchMosec, Mobile Secretary - Betaspring Demo Day Pitch
Mosec, Mobile Secretary - Betaspring Demo Day Pitch
Bernard Huang
 
Guerrilla Marketing: 17 Scrappy Tactics to Grow Your Business
Guerrilla Marketing: 17 Scrappy Tactics to Grow Your BusinessGuerrilla Marketing: 17 Scrappy Tactics to Grow Your Business
Guerrilla Marketing: 17 Scrappy Tactics to Grow Your Business
Bernard Huang
 
Growth Hacking Belgium (kick-off)
Growth Hacking Belgium (kick-off)Growth Hacking Belgium (kick-off)
Growth Hacking Belgium (kick-off)
Omar Mohout
 
Light tree
Light tree Light tree
Light tree Priya K
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
Suryansh Srivastava
 
Bubble Power
Bubble PowerBubble Power
Bubble Power
Seminar Links
 
Latest Seminar Topics for Engineering,MCA,MSc Students
Latest Seminar Topics for Engineering,MCA,MSc StudentsLatest Seminar Topics for Engineering,MCA,MSc Students
Latest Seminar Topics for Engineering,MCA,MSc Students
Arun Kumar
 
WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?
WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?
WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?
ChromeInfo Technologies
 
Best topics for seminar
Best topics for seminarBest topics for seminar
Best topics for seminarshilpi nagpal
 
Guided Reading: Making the Most of It
Guided Reading: Making the Most of ItGuided Reading: Making the Most of It
Guided Reading: Making the Most of It
Jennifer Jones
 

Viewers also liked (16)

Developing for Android Wear
Developing for Android WearDeveloping for Android Wear
Developing for Android Wear
 
Five Things Every Win32 Developer Should Know
Five Things Every Win32 Developer Should KnowFive Things Every Win32 Developer Should Know
Five Things Every Win32 Developer Should Know
 
Marketing Personas (product camp jul2015)
Marketing Personas (product camp jul2015)Marketing Personas (product camp jul2015)
Marketing Personas (product camp jul2015)
 
Extending Android with New Devices
Extending Android with New DevicesExtending Android with New Devices
Extending Android with New Devices
 
MIT Enterprise Forum
MIT Enterprise ForumMIT Enterprise Forum
MIT Enterprise Forum
 
Mosec, Mobile Secretary - Betaspring Demo Day Pitch
Mosec, Mobile Secretary - Betaspring Demo Day PitchMosec, Mobile Secretary - Betaspring Demo Day Pitch
Mosec, Mobile Secretary - Betaspring Demo Day Pitch
 
Guerrilla Marketing: 17 Scrappy Tactics to Grow Your Business
Guerrilla Marketing: 17 Scrappy Tactics to Grow Your BusinessGuerrilla Marketing: 17 Scrappy Tactics to Grow Your Business
Guerrilla Marketing: 17 Scrappy Tactics to Grow Your Business
 
Growth Hacking Belgium (kick-off)
Growth Hacking Belgium (kick-off)Growth Hacking Belgium (kick-off)
Growth Hacking Belgium (kick-off)
 
Light tree
Light tree Light tree
Light tree
 
Rain technology
Rain technologyRain technology
Rain technology
 
Ethical hacking presentation
Ethical hacking presentationEthical hacking presentation
Ethical hacking presentation
 
Bubble Power
Bubble PowerBubble Power
Bubble Power
 
Latest Seminar Topics for Engineering,MCA,MSc Students
Latest Seminar Topics for Engineering,MCA,MSc StudentsLatest Seminar Topics for Engineering,MCA,MSc Students
Latest Seminar Topics for Engineering,MCA,MSc Students
 
WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?
WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?
WHY TO MIGRATE YOUR APPLICATIONS TO CLOUD SERVICES?
 
Best topics for seminar
Best topics for seminarBest topics for seminar
Best topics for seminar
 
Guided Reading: Making the Most of It
Guided Reading: Making the Most of ItGuided Reading: Making the Most of It
Guided Reading: Making the Most of It
 

Recently uploaded

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
James Anderson
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
DianaGray10
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
ControlCase
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Product School
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
Safe Software
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Tobias Schneck
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
KatiaHIMEUR1
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
Dorra BARTAGUIZ
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 

Recently uploaded (20)

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
 
UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3UiPath Test Automation using UiPath Test Suite series, part 3
UiPath Test Automation using UiPath Test Suite series, part 3
 
PCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase TeamPCI PIN Basics Webinar from the Controlcase Team
PCI PIN Basics Webinar from the Controlcase Team
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
Unsubscribed: Combat Subscription Fatigue With a Membership Mentality by Head...
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
Essentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with ParametersEssentials of Automations: Optimizing FME Workflows with Parameters
Essentials of Automations: Optimizing FME Workflows with Parameters
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024
 
Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !Securing your Kubernetes cluster_ a step-by-step guide to success !
Securing your Kubernetes cluster_ a step-by-step guide to success !
 
Assuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyesAssuring Contact Center Experiences for Your Customers With ThousandEyes
Assuring Contact Center Experiences for Your Customers With ThousandEyes
 
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdfFIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
FIDO Alliance Osaka Seminar: Passkeys at Amazon.pdf
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdfFIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf
 
Elevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object CalisthenicsElevating Tactical DDD Patterns Through Object Calisthenics
Elevating Tactical DDD Patterns Through Object Calisthenics
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 

Heartbleed

  • 1. A SEMINAR PRESENTATION ON BY :HEMANT MITAL
  • 2.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12.
  • 13.
  • 15. What else? ● Most Android devices are vulnerable. ● iOS and Mac OSX are not vulnerable. -but some 3rd party iOS apps are. ● Most Linux browsers are probably vulnerable.
  • 16. WHAT ELSE ? • IP phones • Routers • Medical devices • Smart TV sets • embedded devices
  • 17. Safe(r) Browsers ● Firefox, Chrome, and IE (on Windows) use the Microsoft implementation of SSL not OpenSSL. ● Internet Informations Server/Services (IIS) are not vulnerable.
  • 18. What is Information Security doing? ● Continuous monitoring for this vulnerability with both IDS and IPS devices. ● Vulnerability scans. - not as effective since it's a snapshot in time but a good starting point.

Editor's Notes

  1. Apple uses SecureTransport for SSL – it had it’s own bug back in Feb.
  2. XP = OS/2 a great OS in it’s time. Today is not its time.
  3. Some of the tools Networking and InfoSec are using to detect Heartbleed.