Just hours after the Shellshock (Bashdoor) vulnerability was discovered, our technical team had abated the risk for BrightCloud hosted customers.
Customer security is our priority.
The minute the news broke, we were checking for vulnerable systems, prioritising those that are internet facing and have no other form of protection in front of them.
Within hours, all hosted customer systems were secure and the BrightCloud and Open Reality internal systems were safe.
The Shellshock vulnerability once again highlights the need for ‘Next Generation” security appliances in the network perimeter. It is these appliances (such as Palo Alto Networks firewalls or Citrix NetScaler Application firewalls) that can be configured to block vulnerabilities and therefore mitigates the issue.
This BBC article provides good overview in the Shellshock vulnerability. https://www.bbc.co.uk/news/technology-29361794