UPDATE: Better (more complete) slides and other material available here.
Since I am at SANS Orlando, but not teaching a long course this week, I was asked by the SANS staff to put together a presentation on the heartbleed vuln. This was short notice. I had spent most of the day working with various clients on addressing their own specific issues. I'll likely update this presentation tomorrow night when we know more about who has updated, who has not, and what client software is vulnerable. Until then, consider these slides beta.
Here are the (decidedly non-technical) slides
HeartBleed POC script
HeartBleed server test script
Please understand that these are extremely beta as I was working with clients all day. If you are looking for super technical explanations, look elsewhere. Otherwise, feel free to use this to communicate to your management/IT departments.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.