Virtualization Authors: Carmen Gonzalez, Greg Schulz, Imran Akbar, Sharon Barkai, Elizabeth White

Blog Feed Post

The Heartbleed Security Vulnerability and What It Means for Skytap

You may have heard about the recent security vulnerability known as "Heartbleed.” Researchers have discovered a vulnerability in OpenSSL (a cryptographic software library that protects many services on the Internet) that allows unauthorized access to protected information. Skytap has investigated this issue and determined that our websites, particularly https://cloud.skytap.com, and other publicly exposed services are not vulnerable to the Heartbleed bug. Private, internal-only services are also being validated and patched if vulnerable. To protect indirect loss of information, Skytap has also ensured that our own external service providers do not have this vulnerability.

This issue may affect our customers through virtual machines running within Skytap that are externally exposed. By default, all Skytap environments are isolated both from other environments running within Skytap and from the Internet. If you have chosen to expose your networks to the Internet via public IPs or published services, we strongly recommend that you check and update guest operating systems and installed software applications. We also recommend that you check and update client tools used to communicate with your resources in Skytap or other providers. 

Additional information about Heartbleed can be found here, and the following site contains a list of vendors and their current status in relation to this vulnerability: http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=720951&SearchOrder=4

If you have further questions about the Heartbleed bug or Skytap's response, please contact us.


The Skytap Team

Read the original blog entry...

More Stories By Noel Wurst

I am the managing content editor at Skytap. Skytap provides SaaS-based dev/test environments to the enterprise. Our solution removes the inefficiencies and constraints that companies have within their software development lifecycle. As a result, our customers release better software faster. My aim is to publish engaging, thought provoking stories that revolve around agile enterprise applications and cloud-based development and testing.