SaaS providers as their consumers (businesses) need to demand this. It is always good to pwn the patching/deployment server.įollowing is not a comment on Solar Winds as I have NO insight into theirĬurrent practices - but this should become front and center for all Have not heard it directly yet, but it seems that the CI/CD process and repositories got owned with no knowledge of the modification to the code. I believe this should be a wakeup call to all providers to start to validate their existing security with additional focus on DevOps (DevSecOps) processes and cloud security. I would argue assuming Solar Winds survives this, they will be one of the most secure vendors afterwards. Supply chain attacks have been around for a while and are not going away. In addition, Splashtop supplements its internal processes and tools with consulting and services from external security firms such as AWS Professional Services, PacketWatch, Bishop Fox, Improsec A/S, CrowdStrike and A-LIGN-plus crowdsourced input from Bugcrowd-to conduct continued audits and analyses of Splashtop systems and products.Īs our CEO said recently, "Security is something that is never ‘done’ it’s a constant effort to keep up with ever-evolving threats." and we are continually investing here. These are who's who of the security industry experts that are providing guidance on security practices recommend specific tools, such as for advanced endpoint security and help establish appropriate risk assessment and compliance processes. Recently, we also announced and shared info about the members of our Security Advisory Council Opens a new window. We invest millions of dollar per year to monitor and enhance our product and infrastructure security / reliability. Appreciate all the shout outs for Splashtop.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |