SUBSCRIBE TO TMCnet
TMCnet - World's Largest Communications and Technology Community

CHANNEL BY TOPICS


QUICK LINKS




What Did Heartbleed Teach Us About Test Management?

Test Management Featured Article

What Did Heartbleed Teach Us About Test Management?

 
April 17, 2014

Share
Tweet
  By Susan J. Campbell,
TMCnet Contributing Editor
 


If you haven’t heard about the recent Heartbleed bug, you must not use any type of technology, and reading this article is your first foray into the online world. As that’s likely untrue, let’s explore how this bug has affected so many users and why test management can make the difference in your environment.


We know the Heartbleed bug affected OpenSSL, which is mainly a key element in powering the entire Internet. In other words – this was a big deal. It forced IT managers everywhere to shore up their network vulnerabilities and apply necessary fixes. Online users were instructed to change passwords and the industry as a whole was put on high alert. Announcements like the existence of this type of bug can shake up experts who believed they had all their bases covered.

Test management is a big part of this confidence as it allows IT managers to test networks, software and applications to ensure they are secure. When proprietary information is handled or managed across these platforms, security is critical. That’s why companies like Innovative Defense Technologies, a provider of automated software testing solutions for large complex systems, recently announced the release of its ATRT: Information Security Manager.

This latest development is designed to protect enterprise networks from cyber security threats by using test management tools such as automated assessment, remediation and certification. This latest release expands the capabilities needed to address the need for greater cyber security through proper monitoring and test management. When bugs like Heartbleed emerge, robust solutions have to be in place to minimize the risk and damage for enterprise networks.

Heartbleed is easily considered the worst security bug to ever hit the Internet. One security expert described it as, “catastrophic.” It not only shook the confidence in the enterprise network, it also damaged the image of free and open source software (FOSS). There is a mythology that surrounds FOSS that bugs like Heartbleed shouldn’t be able to touch it as the source code is free, readily available and worked with daily. In other words, too many eyes are on the platform – bugs shouldn’t be able to get through.

But, as with all mythology, the truth revealed a much harsher reality. Heartbleed has existed for more than two years before discovery and could have been used by American security agencies in their surveillance of the public. This reality is humbling in such a way that IT experts everywhere are arguing over the value of FOSS and the inherent protections we believed to be in place.

What this incident really identifies, however, is the importance of test management and constant network monitoring. IT managers can do everything at their disposal to protect the enterprise network and its users, but must be flexible and agile enough to respond when the next Heartbleed bug emerges. There will be future threats and they could be worse than Heartbleed. The key will be in their ability to respond and fix vulnerabilities so as to maintain consistent operation.

Heartbleed is definitely a lesson learned – at least until next time. 




Edited by Alisen Downey
Test Management Homepage ›





Technology Marketing Corporation

2 Trap Falls Road Suite 106, Shelton, CT 06484 USA
Ph: +1-203-852-6800, 800-243-6002

General comments: [email protected].
Comments about this site: [email protected].

STAY CURRENT YOUR WAY

© 2024 Technology Marketing Corporation. All rights reserved | Privacy Policy