Five Vulnerabilities Fixed In– Wait For It– OpenSSL

A handful of fixes to ugly vulnerabilities means you need visibility into what you've got.

security-ebook.jpg

Update OpenSSL to versions 1.0.2b, 1.0.1n, 1.0.0s, or 0.9.8z.

On June 11, the OpenSSL Project announced a handful of fixes in their software. A large component of these releases is protection against the Logjam attack, which could allow an attacker to read or alter data on a secure connection. It's a pretty big deal, especially if you do any sort of ecommerce or transactional operations.

So how do you check for the vulnerability across your entire environment? Once your configurations are being monitored by ScriptRock, we've got a couple ways to make it simple.

First up is our fancy "OpenSSL Vuln Check" button. This bad boy will check to ensure your installed OpenSSL is up-to-date and report if it isn't. One click and you're done.

Our other option is Universal Search. Your entire IT state is being monitored, so we figured it makes perfect sense to be able to search it. Anytime a package vulnerability comes up– whether it's OpenSSL or bash or you-name-it– just throw it in the search box and you'll immediately see not only where the package is installed, but its version number and other configuration data.

ScriptRock scanning is free forever for up to 5 nodes, or try the full feature set for a month with the coupon code 1MONTHFREE. Organizations like ADP, E-Trade, and the Boy Scouts of America already trust ScriptRock to watch over their configuration state. Give it a shot today, or request a free demo and our specialists can walk you through how we can fit into your workflow.

A short ScriptRock demo given live at Microsoft TechEd showing some of our more common use cases. Ready to get started?

Let's Go