In details, the web site includes general information about the vulnerability and its impacts, detailed technical information, ways an organization can protect itself using mitigation tools and techniques, and a list of frequent asked questions and their answers. In addition, it contains a section with relevant domestic and international news with regards to the vulnerability, while it proposes supplementary services that could assist enterprises in vulnerability remedy and mitigation. Finally, it includes a free online scanning tool, customised by BESECURE, which users and enterprises can use to detect possible instances of the vulnerability in public web sites they operate.
In the aftermath of the impact of Heartbleed vulnerability, BESECURE conducted a research study on the security level of 400 popular Greek e-shops. The study revealed that 304 (76%) of them were using encryption, while 125 (41,1%) e-shops were using solely strong encryption algorithms to protect their customers’ personal and sensitive information. 162 (53,2%) had installed invalid digital certificates (either expired or registered to different domain name), while 71 (17,7%) had no digital certificate installed. Finally an important finding of BESECURE research showed that 14 (4,6%) of e-shops were vulnerable to Heartbleed bug.
According to researchers and analysts similar to Heartbleed flaws could be exploited within the next years to cause lose of billions and target critical utility infrastructure like energy grids to put out of commission and public sector infrastructure.
BESECURE, the most trusted Governance Risk and Compliance solutions and services Provider, provides Compliance Services based on legal and regulatory requirements, designs and implements advanced IT security solutions, delivers information Security Training Seminars, provides Managed Security services, performs Penetration Tests and Vulnerability Assessments covering all phases of the life cycle of information security. BESECURE applies a certified Quality Management System according to ISO 9001:2008 and a certified Information Security Management System according to ISO 27001. For more information about BESECURE, please visit http://www.besecuregroup.com