A piece I wrote on Heartbleed was published in Cloud Computing Intelligence magazine: Once you’ve dealt with Heartbleed, how do you prevent it recurring?.
Summary and lead-in:

You've got rid of Heartbleed, and you're relaxing with a soothing cup of something strong, but how do you know that it's gone for good? Dominic Wellington looks at creating a containment policy for Heartbleed and for any subsequent nasty bug that will stop them from coming back to plague you again.

Feedback welcome!