Heartbleed Cheatsheet

Heartbleed Cheatsheet:

  • Upgrade OpenSSL on all of your existing software
  • Propose projects to remove infrastructure that can’t be upgraded (if your vendors haven’t shipped a patch, get new gear)
  • Force users to update credentials (YMMV depending on what you do, either force a re-auth, or password resets)
  • Apologize to your users for not dealing with this weeks ago.

If your employer won’t let you do these four things, the next thing to do is find a new job.

Anything less would be unprofessional.

Since Jim asked, this cheat sheet is licensed under the Mozilla Public License, and I will happily license it under other suitable licenses if needed

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.