Protection Against Shellshock Exploits While vendor patches are a first line of defense, IBM can help protect our customers from the exploit of this vulnerability with our IBM Security Network Intrusion Prevention product offerings. In fact, we have been helping customers protect from this and similar types of attacks since 2007— thanks to one of our main differentiators, Protocol Analysis. IBM is able to identify and help protect from Shellshock using a signature named Shell_Command_Injection released in 2007. Said another way: The IBM Security IPS offerings have been able to identify and protect from this vulnerability for the past 7 years. This signature identifies shell commands (operating system commands) traversing the network inside protocols where they do not normally belong, for instance, inside of the HTTP header field of traffic destined to a web server.