The Department of Homeland Security National Cyber Security Division (NIST) gives the Shellshock bug a score of 10 based on the “Common Vulnerability Scoring System Version 2 Calculator”. The score basically measures the severity of a security vulnerability. The score ranges from 0 to 10 , with 10 being the worse. The ShellShock bug has impacted many companies, including all CDNs. CDNs have the responsibility to inform customers of the impact on their infrastructure, and keep them updated regularly on the steps being taken to mitigate the vulnerability. Bizety has reviewed the blogs and press releases of the CDNs below, and less than half got a passing grade. For those CDNs that got a passing grade, “awesome job”, keep up the good work.
Grading CDNs On Their Response to Shellshock Bug
- Passing Grade: Incapsula, EdgeCast, Akamai, Limelight Networks, CloudFlare, AWS and Fastly
- Didn’t Pass: Cachefly, MaxCDN, Yottaa, Cachefly, Level 3, Highwinds, Instart Logic, Internap, and Aryaka Networks