2014-1-14 (Last update can be found below the document title)
A vulnerability was discovered in SSLv3 which could allow a remote attacker to force a TLS downgrade negotiation, which could result in SSLv3 with weak ciphers being used. Once downgraded, the traffic is then susceptible to a man in the middle (MITM) attack
On October 14th, Google security released an advisory regarding a newly discovered SSLv3 attack. Once the Instructure InfoSec team was made aware of the advisory, it took immediate action to disable SSLv3 and its related ciphers on the Canvas platform.
All systems were patched as of 14:33 MT on 10/14/2014
Jordan has had various roles in the ed tech software (SAAS) industry for the past 9 years. (almost 5 years with Instructure).
In his previous company he was a Client Services Manager for two years (responsible for account management, implementation, project management, and training, for each of his customers). After a year and a half he was commissioned to build a training department, all policies and procedures, and deliver training for all customers.
Over the past eight years he has been in charge of conceiving, producing and deploying eLearning initiatives and strategies.
He has trained over 3,000 adult learners with a wide range of technical aptitude, including K-12 Teachers, Principals, Administrators, Superintendents, Higher Ed Professors, Doctors, CTO’s, and Corporate Business Professionals and Executives.
Jordan is an instructional designer and Community Manager for Instructure with a focus on connecting Canvas users with tools and resources that will help them get excited about and become proficient in utilizing the Canvas Learning Platform.