The Governor’s Office of Information Technology is offering a complimentary vulnerability scan to all Colorado’s state and local government entities, as well as nonprofit organizations, to help them determine whether their web applications may be vulnerable to this recent internet threat.
The Heartbleed Internet Bug is a serious vulnerability in the OpenSSL cryptographic software library. OpenSSL is typically used to secure web applications including some email, instant messaging, and virtual private networks (VPNs). This vulnerability allows attackers to eavesdrop on communications and impersonate the services and users in order to steal data directly.
If you are interested in taking advantage of this complimentary scan, please complete the attached form and email it to email@example.com. We will be contacting you to verify your organization information.
Request for Complimentary Heartbleed Scan
1. Name of Organization ________________________________
2. Type of Organization: ____ Local Government ___ State Government ___ Non-Profit
3. IP Addresses to be Scanned: ______________________
*If you prefer, you can share this directly with an Office of Information Security team member. Just send an email to firstname.lastname@example.org requesting that we contact you.
4. Name of Person Requesting Scan: ______________________
5. Title of Person Requesting Scan: _____________________
6. Contact Details of Person Requesting Scan:
(for security reasons this must be your official work email)
7. Below, please list any scan limitations to be followed (e.g., weekends only, weekdays but only between midnight and 6 AM):
Please complete the following attestation and sign below. When complete, email the form to email@example.com.
I, __________________________, authorize the Governor’s Office of Information Security to scan the above listed IP addresses within the aforementioned scan limitations for the Heartbleed vulnerability. By signing below, I confirm that I have the authorization to approve scanning of my network.