Media Alert: Check Point Provides Multiple Protections Against Heartbleed
April 15 2014 - 5:00PM
Marketwired
Media Alert: Check Point Provides Multiple Protections Against
Heartbleed
SAN CARLOS, CA--(Marketwired - Apr 15, 2014) - Check Point®
Software Technologies Ltd. (NASDAQ: CHKP), the worldwide leader in
securing the internet, today announced that its network security
products offer multiple protections from the Heartbleed
vulnerability, providing for the security of customers' clients,
servers and the integrity of their network data.
Check Point network security products are not susceptible to
Heartbleed exploits as the company utilizes a non-vulnerable
version of OpenSSL. The company also provided multiple protections
against attacks leveraging the Heartbleed bug that include:
- Check Point's implementation of HTTPS inspection that
automatically prevents Heartbleed traffic. This was first
introduced in 2011 with R75.20.
- Check Point released IPS protections to detect and block
exploits from Heartbleed, on April 9, 2014.
- For more information, see:
- sk100173 - Check Point response to OpenSSL vulnerability
(CVE-2014-0160)
- sk100246 - Check Point IPS Protections for OpenSSL
Heartbleed vulnerability (CVE 2014-0160)
"The Heartbleed vulnerability is a critical and far-reaching
security threat that potentially exposes sensitive personal and
business information to remote hackers. Check Point's products
provide multiple elements of protection against Heartbleed. First,
our network security products are not vulnerable to this threat as
Check Point uses a non-vulnerable version of OpenSSL. Second, our
HTTPS inspection inherently prevents Heartbleed traffic. Finally,
our timely IPS protection will detect and block attempts to exploit
this vulnerability," said Dorit Dor, vice president of products at
Check Point Software Technologies.
Additional Information on Heartbleed:
- The National Vulnerability Database (NVD)
Common Vulnerabilities and Exposures entry describes
CVE-2014-0160, aka "Heartbleed" as: "The (1) TLS and
(2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not
properly handle Heartbeat Extension packets, which allows
remote attackers to obtain sensitive information from process
memory via crafted packets that trigger a buffer over-read, as
demonstrated by reading private keys... aka the Heartbleed
bug."
- Heartbleed.com describes the vulnerability as:
"The Heartbleed Bug is a serious vulnerability in the
popular OpenSSL cryptographic software library... The
Heartbleed bug allows anyone on the Internet to read the
memory of the systems protected by the vulnerable versions of
the OpenSSL software. This compromises the secret keys used
to identify the service providers and to encrypt the traffic,
the names and passwords of the users and the actual content.
This allows attackers to eavesdrop on communications, steal
data directly from the services and users and to impersonate
services and users."
"The Heartbleed vulnerability is so worrisome because of the
pervasive use of OpenSSL and the fact that consumers often do not
employ password best-practices, opening themselves to credential
theft. Further, enterprises need to worry not only about the loss
of customer account information, but also the compromise of
employee credentials, as well as the exploitation of vulnerable
network devices utilizing OpenSSL," said John Grady, research
manager of security products and services at IDC.
"The Heartbleed bug is a serious security threat affecting a
wide range of IT operations around the world. While it
continues to be a major concern for many businesses, Hotel Nikko is
safeguarded by Check Point's leading Intrusion Prevention System
(IPS) and its other network security solutions. We are pleased with
Check Point's immediate protection and I'm confident in the
security that Check Point provides for our network," said Manuel
Ruiz, IT director at Hotel Nikko San Francisco.
Follow Check Point via
Twitter: www.twitter.com/checkpointsw Facebook:
https://www.facebook.com/checkpointsoftware YouTube:
http://www.youtube.com/user/CPGlobal
About Check Point Software Technologies Ltd. Check Point
Software Technologies Ltd. (www.checkpoint.com), the worldwide
leader in securing the Internet, provides customers with
uncompromised protection against all types of threats, reduces
security complexity and lowers total cost of ownership. Check Point
first pioneered the industry with FireWall-1 and its patented
stateful inspection technology. Today, Check Point continues to
develop new innovations based on the Software Blade Architecture,
providing customers with flexible and simple solutions that can be
fully customized to meet the exact security needs of any
organization. Check Point is the only vendor to go beyond
technology and define security as a business process. Check Point
3D Security uniquely combines policy, people and enforcement for
greater protection of information assets and helps organizations
implement a blueprint for security that aligns with business needs.
Customers include tens of thousands of organizations of all sizes,
including all Fortune and Global 100 companies. Check Point's
award-winning ZoneAlarm solutions protect millions of consumers
from hackers, spyware and identity theft.
Media Contact Jim Rivas Check Point Software Technologies
+1 650.628.2215
press@us.checkpoint.com Investor Contact Kip E. Meintzer Check
Point Software Technologies +1 650.628.2040
ir@us.checkpoint.com
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Mar 2024 to Apr 2024
Check Point Software Tec... (NASDAQ:CHKP)
Historical Stock Chart
From Apr 2023 to Apr 2024