Skip to main content

This post is from the Apperian blog and has not been updated since the original publish date.

Last Updated Apr 11, 2014 — App Management expert

Apperian Heart Isn’t Bleeding

App Management

As you are likely well-aware, the Heartbleed OpenSSL vulnerability was announced earlier this week. It is one of the most severe zero-day exploits uncovered in recent years. Using this exploit, an attacker could gain access to a server’s private SSL key, allowing him to decrypt all information being sent to the server, including usernames, passwords, and other sensitive data. You can read more details about the vulnerability and its impact here: http://heartbleed.com/

Rest-Assured with Apperian’s Response

Upon publication of the vulnerability, our Operations staff audited all of our SSL end-points, and they found a few of our servers were running a vulnerable version of OpenSSL. Those servers were patched immediately to mitigate the risk of exposure. As of early Wednesday morning, Eastern Time, all of the servers with customer accounts were patched. As an additional precaution, we are now working with our Certificate Authority to re-issue all Apperian owned SSL certificates. There is no evidence that the Apperian servers were compromised or that any customer data was leaked.

However, due to the nature of this exploit and the length of time the vulnerability existed before being discovered, we recommend that customers reset their password, not just for Apperian, but with any website which contains sensitive data and has implemented the patch.

More from the Blog

View more
Apr 30, 2020

Mobile Application Management: A Forward View

App Management
  IT Is Adapting in the Midst of the COVID-19 Pandemic The Coron ...
Read More
May 19, 2019

Sneak Peek: How Are IT Leaders Driving Mobile App Adoption?

App Management
Apperian conducted the The Mobile Enterprise Application Survey to fin ...
Read More
Jan 30, 2019

Part 1: App Security Should Be an Integral Part of Your DevSecOps Process — Not an Afterthought

Application Security
What are the key considerations and components of DevSecOps? The in ...
Read More
Nov 19, 2018

Breaking Down the New California IoT Law

Application Security
Recently California passed legislation regarding the security of all I ...
Read More
Contact Us