Heartbleed Detection

Icon for Heartbleed detection

From the Community
Heartbleed Detection Update
SSL Labs Test for the Heartbleed Attack

How to detect the Heartbleed bug

Import our Heartbleed Detection option profile from the Library and then run frequent or continuous vulnerability scans using this profile.

How do I import the profile? Go to VM/VMDR > Scans > Option Profiles, and select New > Import from Library. Select the Heartbleed Detection profile.

Heartbleed patching and certificate cleanup

Go to your certificates list (VM/VMDR > Assets > Certificates) and use special filters to find hosts affected by the Heartbleed bug. Select Heartbleed-All to see all affected hosts (active and fixed). Select Heartbleed-Active to see only hosts that are currently vulnerable.

Heartbleed filters on Certificates list

Have you already patched affected hosts?

Select Search and Fixed to find all remediated hosts that can be issued a new certificate. Show meShow me

Search pane with Fixed checkbox to find remediated hosts

Find certificates that may need to be replaced

Use the Search feature to find certificates issued before the patch date (i.e. certificates issued before April 16, 2014.) Show meShow me

Search pane with Issued field to find certificates issued before the patch date

Want to share your report with others?

Select New > Download (above the certificates list) and choose a download format.