Skip to main content
Apr 11, 2014

Apperian Heart Isn’t Bleeding

As you are likely well-aware, the Heartbleed OpenSSL vulnerability was announced earlier this week. It is one of the most severe zero-day exploits uncovered in recent years. Using this exploit, an attacker could gain access to a server’s private SSL key, allowing him to decrypt all information being sent to the server, including usernames, passwords, and other sensitive data. You can read more details about the vulnerability and its impact here: http://heartbleed.com/ Rest-Assured with Apperian’s Response Upon publication of the vulnerability, our Operations staff audited all of our SSL end-points, and they found a few of our servers were running a vulnerable version of OpenSSL. Those servers were patched immediately to mitigate the risk of exposure. As of early Wednesday morning, Eastern Time, all of the servers with customer accounts were patched. As an additional precaution, we are now working with our Certificate Authority to re-issue all Apperian owned SSL certificates. There is no evidence that the Apperian servers were compromised or that any customer data was leaked. However, due to the nature of this exploit and the length of time the vulnerability existed before being discovered, we recommend that customers reset their password, not just for Apperian, but with any website which contains sensitive data and has implemented the patch.

Apperian

More from the Blog
Sep 19, 2018

Arr Matey, Hear a Tale about Cyber-Piracy

It’s Talk Like A Pirate Day.
Read more
Sep 18, 2018

The App Is The Endpoint

Traditional Endpoint Security is dead, that is to say that hardening the laptop, desktop, or device is not a panacea. ...
Read more
Aug 29, 2018

Using real-time threat analytics to thwart a serial app attacker

How Arxan helped shut down continuous reverse engineering attacks Operating in the Dark It started after releasing an app u ...
Read more