RS
How we failed post-Heartbleed
There’s no doubt Heartbleed was one of the most devastating events within cyber security throughout the last decade. Security and IT teams alike rushed to fix the vulnerability and the media frenzied. While the fact that it was so quickly addressed and brought to light was impressive, I was astonished about the fact that a huge amount of websites that were affected by Heartbleed regenerated their certificates with the same private key. If I were to tweet about this, I might have used #facepalm. While I was quite impressed by the mobilization of the internet to address the issue so early on, I was equally stunned by the total failure in the efforts to fix the problem properly.
- RUSS SPITLER, VICE PRESIDENT, PRODUCT STRATEGY, ALIEN VAULT
- Viewpoints
- Posted On