Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Check Point claims its security products can defend against Heartbleed

Zafirah Salim | April 17, 2014
Check Point says it provides multiple protections against Heartbleed

Internet security provider Check Point Software Technologies announced today that its network security products offer multiple protections against the Heartbleed vulnerability, thus ensuring the security of customers’ clients, servers and the integrity of their network data.

The Heartbleed vulnerability shook the Internet security landscape recently, sending people in a flurry as they worry about their data security.

The bug enables attackers to exploit a critical programming flaw in OpenSSL. When exploited, the flaw leaks data from a server's memory, which could include SSL site keys, and other sensitive and personal information such as usernames, passwords, email, as well as instant messages.

Dorit Dor, vice president of products at Check Point Software Technologies, explains why its products are not susceptible to Heartbleed exploits: “First, our network security products are not vulnerable to this threat as Check Point uses a non-vulnerable version of OpenSSL. Second, our HTTPS inspection inherently prevents Heartbleed traffic. Finally, our timely IPS protection will detect and block attempts to exploit this vulnerability.”

"The Heartbleed vulnerability is so worrisome because of the pervasive use of OpenSSL and the fact that consumers often do not employ password best-practices, opening themselves to credential theft,” said John Grady, research manager of security products and services at IDC.

“Furthermore, enterprises need to worry not only about the loss of customer account information, but also the compromise of employee credentials, as well as the exploitation of vulnerable network devices utilising OpenSSL.”

 

Sign up for CIO Asia eNewsletters.