Data Loss Prevention

 View Only

  • 1.  DLP and OpenSSL?

    Trusted Advisor
    Posted Apr 10, 2014 02:27 PM

    So, is DLP affected by the Heartbleed flaw?



  • 2.  RE: DLP and OpenSSL?

    Posted Apr 10, 2014 02:41 PM

    New blog just out:

    https://www-secure.symantec.com/connect/blogs/heartbleed-openssl-and-symantec-email-web-security

    I make the assumption if it's not mentioned under the list of "NOTs" than it is vulnerable to it.



  • 3.  RE: DLP and OpenSSL?
    Best Answer

    Broadcom Employee
    Posted Apr 10, 2014 03:11 PM

    DLP is not affected by the Heartbleed flaw.

    See the KB article Are Symantec Data Loss Prevention (DLP) releases affected by the “Heartbleed” OpenSSL vulnerability (CVE-2014-0160)?

    https://kb-vontu.altiris.com/display/1n/kb/article.asp?aid=56728

    From the article:

    "Symantec Data Loss Prevention (DLP) releases are NOT affected, as these do not use OpenSSL versions that are susceptible to this defect."



  • 4.  RE: DLP and OpenSSL?

    Posted Apr 10, 2014 03:12 PM

    good deal, thanks



  • 5.  RE: DLP and OpenSSL?

    Posted Apr 25, 2014 10:08 AM

    Followers of this thread may be interested in attending Symantec's webcast on Tuesday the 29th.  The following blog post has all the details and a link to the registration page

    The Heartbleed Bug: How to Protect Your Business
    https://www-secure.symantec.com/connect/blogs/heartbleed-bug-how-protect-your-business

    With thanks and best regards,

    Mick