Category Archives: Blog

Why the OpenSSL vulnerability should convert you to the Cloud or help mature your incident response program

Earlier this month OpenSSL released a bug advisory about a 64kb memory leak.  Since the announcement, there has been a lot of buzz around the underground regarding the exploitation of this …

April 21, 2014 //

Read more ›

Why is Tuning a Web Application Firewall (WAF) Challenging?

At Alert Logic, we frequently hear from people who believe that tuning an inline WAF, so that it effectively protects their web applications without blocking legitimate traffic, is …

April 21, 2014 //

Read more ›

PCI DSS Requirement 10.6 – Log Data Collection

As you likely know by now, the PCI DSS 3.0 standard went into effect on January 1, 2014. You have until January 1, 2015 to move to the …

April 14, 2014 //

Read more ›

SSL/TLS heartbeat read overrun aka 64kb memory leak (CVE-2014-0160)

OpenSSL released a bug advisory about a 64kb memory leak patch [1] in their library. The bug has been assigned CVE-2014-0160 SSL/TLS heartbeat read overrun (Technical: 64kb memory leak). According to http://www.openssl.org/news/openssl-1.0.1-notes.html the …

April 09, 2014 //

Read more ›

Want to try Alert Logic Threat Manager IDS? 30-Day Free Trial via AWS Marketplace

We’re working with Amazon Web Services (AWS) on a special program this month. Anyone who wants to try our Alert Logic Threat Manager IDS (intrusion detection system) can …

April 09, 2014 //

Read more ›