We know you're sick of updating OpenSSL, so we'll keep this short. There is a new SSL vulnerability named FREAK with a published proof of concept. FREAK affects a significant portion of websites, including big names like American Express and the NSA. Like POODLE, FREAK takes advantage of support for legacy cryptographic protocols. To determine the scope of your exposure to the FREAK attack, you need to know what version of OpenSSL is installed on every server. If you've updated since January, you're likely safe. If not, you are likely vulnerable and need to assess the work to be done. With UpGuard's enterprise search, that information is trivial to retrieve. Just type in any search term like you would if you were using Google to find a place with good tacos.
Once you've updated the affected servers, you can validate their state the same way. Being able to scope and test your SSL update will save hours and give you confidence that your infrastructure has been secured. Plus, all that information will be available in an auditable timeline when you need to demonstrate compliance. Where is SSL in my system? Right here:
Just as importantly, UpGuard can give you the assurance that your system wasn't compromised before FREAK was made public. UpGuard automatically detects drift anywhere in your system environment. Any changes to packages or files, escalation of user privileges, or any other symptom of intrusion would have been caught and reported in the drift tracking system.
To get the convenience of modern search for your infrastructure, sign up for a free UpGuard demo.
Misconfigurations are an internal problem that emanates from within the IT infrastructure of any enterprise; no hacker is necessary for massive damage to occur to digital systems and stored data. And the problem is pervasive, with Gartner estimating that anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems.