Posted by Miryam Brand
December 16, 2021
Executive summary: The Akeyless Vault Platform is not impacted by the log4j vulnerability
Many enterprise apps and cloud services use this common logging library. Apache has since released a security update and provided recommended configurations for earlier versions that mitigate the vulnerability’s impact. We strongly encourage security and dev teams to analyze their use of the tool and update immediately, if they haven’t already done so.
Akeyless’ security teams validated the platform code and processes, and confirm that this vulnerability does not affect our platform, throughout the entire software supply chain.
As part of Akeyless SOC 2 Type II and ISO27001:2013 compliance, Akeyless has established a process to promptly validate the effect of any vulnerability, just like this log4j issue.
For more details on how Akeyless secures the Vault Platform, and our customers, visit akeyless.io/trust-center.
DevOps SecurityCustomers often wonder if their data is secure in the cloud. To answer this, let’s discuss key …
Akeyless $65M Round B: Reimagining Secrets ManagementWe’re excited to announce that we have raised a Series B round of $65 million! The funding …
Why Secrets Rotation for On-Prem Infrastructure MattersCredential rotation isn’t always simple or easy. Enter Universal Identity, a lightweight …