Over 35 InfoSec Courses at SANS Cyber Defense Initiative 2017. Save $400 thru 10/18.

Webcasts

To attend this webcast, login to your SANS Account or create your Account.

The Other Side of Heartbleed - Clientside Heartbleed Vulnerabilities Explained

  • Friday, April 11th, 2014 at 5:30 PM EDT (21:30:00 UTC)
  • Johannes Ullrich
This webcast has been archived. You can view the webcast presentation and download the slides by logging into your SANS Portal Account or creating an Account. Click the Register Now button after you have logged in to view the Webcast.

You can now attend the webcast using your mobile device!

Overview

Due to the high demand of this webcast we have set up an Overflow Room for anyone unable to connect to the primary session.

We're getting reports of client applications that are vulnerable to the heartbleed issue. Just as with server applications, these client applications are dependent on vulnerable versions of OpenSSL.

This vulnerability on the client side has the potential to be much longer-lived than on servers.

This combines the problem of the specific heartbleed vulnerability with the problem of embedded devices that may never be updated. Or devices that are updated by vendors for a year or two after release, then abandoned when the new model comes out - home routers and TV sets are great examples of this situation, but so are medical devices and Android phones, etc.

Speaker Bio

Johannes Ullrich, PhD

As chief research officer for the SANS Institute, Johannes is currently responsible for the SANS Internet Storm Center (ISC) and the GIAC Gold program. He founded DShield.org in 2000, which is now the data collection engine behind the ISC. His work with the ISC has been widely recognized, and in 2004, Network World named him one of the 50 most powerful people in the networking industry. Prior to working for SANS, Johannes worked as a lead support engineer for a Web development company and as a research physicist. Johannes holds a PhD in Physics from SUNY Albany and is located in Jacksonville, Florida. He also enjoys blogging about application security tips.

Need Help? Visit our FAQ page or email webcast-support@sans.org.

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.