Alert Logic Blog

In this blog, Alert Logic provides commentary on topics that are related to our technologies, such as log management, threat management, and IT compliance management.

POODLE – The man-in-the-middle attack on SSLv3

First it was Heartbleed, then Shellshock, now POODLE…while the names are intriguing, the focus of these security vulnerabilities is on how broad the exposure is, what is required to build the right protection, and how long the exposure may have been exploited for.

What is it?
POODLE (Padding Oracle On …

October 16, 2014 //

Read more

Shellshock Retrospective: What We Can Learn

By now most organizations have started to recover from the fire drill of their incident response process that the shellshock vulnerability caused. Servers are patched, applications are upgraded, and security technologies have been updated to look for attacks meant to exploit the vulnerability in the GNU BASH (Bourne Again Shell) …

October 14, 2014 //

Read more

SHELLSHOCK UPDATE: Additional Bash Vulnerabilities Identified

There has been a lot of confusion about CVE’s and ShellShock. Questions have come up like why so many different CVE’s? Which one should I implement? So we decided to put together a little information. Fist of all, to understand the bugs you first need to understand what a CVE …

October 03, 2014 //

Read more

Making the Move Towards Continuous Monitoring

Last week’s shellshock vulnerability alert sent IT organizations around the world scrambling to scan their environments, patching servers at a fever pitch to keep attackers out. Just days earlier, The Home Depot, the United States largest home improvement retailer, disclosed a massive data breach with over 50 million customers …

October 02, 2014 //

Read more

Three Reasons to Attend our Upcoming WAF Webinar

Web application security is important. Just in the past month, we’ve seen significant web breaches at JP Morgan Chase, and one of my favorite websites, Fiverr. WAFs can help protect your web applications but you need to use them effectively. Join our upcoming webinar to get good …

September 30, 2014 //

Read more

© 2010-2014