ANSWER: Cloudbleed
Explanation: Symantec on March 6, 2017 released an automated solution to identify and resolve potential exposure to 'Cloudbleed' - a bug that compromised millions of user accounts in cloud applications.
The company has released the solution to current Symantec 'ProxySG' customers.
The solution leverages integrations between its 'CloudSOC Cloud Access Security Broker' (CASB) and the broader Symantec security portfolio.
Discovered on February 17, 'Cloudbleed' is a security bug that leaked data from the content delivery network Cloudflare.
Following the incident, Symantec analysts mapped the vulnerable 'CloudBleed' web URLs to specific cloud applications and 'CloudSOC Audit' identified more than 2,000 applications that were potentially affected by CloudBleed.
As a result, 'CloudSOC Audit' now tracks the CloudBleed vulnerability as an at-risk attribute for cloud applications.
'CloudSOC Audit' tracks intelligence on over 20,000 cloud applications based on 90-plus different risk attributes, now including the 'CloudBleed' vulnerability.
CloudBleed: Know More - Cloudflare, which is used by more than 5.5 million websites leaked mass amounts of sensitive user information from those sites.
- This is including passwords, private messages, hotel bookings, and more between September 2016 and February 18th of this year.
- The leak has been called ‘Cloudbleed’.
- Security researcher, Tavis Ormandy, discovered the vulnerability, which is the result of a software bug in their code.
- This is technically known as a buffer overrun.
|