News & Events

Heartbleed

How Java™ Could Have Prevented Heartbleed

OpenSSL continues to cast a shadow over the IT industry’s poor choice of programming languages for developing secure software. Neils Ferguson and Bruce Schneier’s mantra, that using a programming language without protection against buffer overflows is tantamount to criminal negligence, … Read MoreRead More

Tags: ,

Blueprint for Heartbleed and OpenSSL Risk Exposure Prevention

Forum Systems to Showcase API and Cloud Security Gateway at Infosecurity Europe Forum Systems Inc. will be showcasing Forum Sentry – its industry-leading API and Cloud Security Gateway – next week at Infosecurity Europe 2014. Europe’s biggest free-to-attend information security … Read MoreRead More

Tags:
Heartbleed

5 Questions to Ask your Load Balancer Vendor

Heartbleed, the recent security flaw found in OpenSSL, is just one of many flaws discovered in this open source code base. Many load balancer providers have bolted on OpenSSL to manage SSL traffic through their product. Here are five questions … Read MoreRead More

Tags: , ,
Heartbleed

Load balancers that use OpenSSL

A list of market leading load balancers that use OpenSSL to protect HTTP and FTP traffic includes F5, Citrix, Radware, Riverbed, and Barracuda. Load balancers spread traffic amongst multiple servers and enable high availability for business transactions. They serve as a central conduit for critical business transactions. The load balancer vendors have done a good job in patching their products to prevent the latest OpenSSL vulnerability: Heartbleed. … Read More

Tags: ,

Forum Systems – Infosecurity Europe 2014

Forum Systems will be attending Infosecurity Europe 2014, Europe’s number one information security event, on April 29th through May 1st. The event will be hosted at Earls Court, London and it is free to attend for individuals as long as you … Read MoreRead More

Tags: ,
Heartbleed

Heartbleed exposes privates

This is as serious as it gets. Heartbleed exposes your corporate private keys. Your crown jewels, your keys to the castle….well you get the idea. Your corporate privates are indeed exposed, they may not have been stolen yet, but they are unequivocally exposed through Heartbleed . It took researches less than 3 hours to extract private keys from a server as a result of a challenge issued by CloudFare. … Read More

Tags: ,

OpenSSL Security Vulnerabilities and other C-based Risks

The latest Heartbleed OpenSSL vulnerability (CVE-2014-0160) is again a re-affirmation that usage of C-based security modules by an enterprise company greatly increases its risk posture. … Read More

Tags: , , , ,
Heartbleed

Predictions from 2002-2003: Heartbleed = Criminal Negligence

Here is an archived document that Forum Systems published in 2002-2003 while architecting a secure XML gateway. We would like you to read this article to understand the importance of a security-first approach while interacting with users and systems, especially outside your enterprise boundary. … Read More

Tags: , , , ,
Heartbleed

How to fix OpenSSL Heartbleed Security Flaw

In this article, we will show you how to fix the OpenSSL Heartbleed security flaw. OpenSSL Heartbleed has been recently discovered by security researchers. This security flaw is as a result of a software bug in the SSL/TLS protocol implementation of the … Read More

Tags: , , ,

How to generate a key pair on Mac OS X

In this tutorial, you will learn how to generate keys on a Mac OSX system. The keys generated here are for testing purposes only and are self-signed. The public certificate generated can then be used for SSL Mutual Authentication to Forum Sentry. … Read More

Tags: , , ,