Question

How does Automox mitigate supply chain attacks?

  • 13 May 2022
  • 1 reply
  • 45 views

Badge

How do you prevent the downstream damage to my endpoints if you guys get hacked? What happened to Kaseya, where hackers exploited their VSA platform to deliver ransomware to MSP customers, was quite a nightmare event.

 

 


1 reply

@jaldeguer - I collected a response from our internal security team for you. Please let us know if you have any additional questions!

 

Here at Automox, we are acutely aware of the importance of security and the trust our customers place with us to maintain secure configurations and controls. We have brought together a diverse and skilled team of security engineers with experience in cloud security, threat analysis, penetration testing, and DevSecOps. Securing our pipelines and environment to prevent threats like supply chain attacks are our top priority.

Internally, our security team works closely with system engineers and developers to ensure the security of our systems and code. Endpoints are managed and protected through the use of MDM, EDR, Antivirus, vulnerability management, and patch management software. Application and system access implements least privilege concepts using RBAC and enforces the use of SSO with MFA when possible, or strong authentication policies otherwise. The security team manages phishing and compliance tool suites to guide user behavior and policy decisions, a bug bounty program, as well as SOAR and SIEM platforms to enable proactive and effective response to threats.

We maintain a security summary page available at security.automox.com where you may request additional information such as our SOC2 report.

If there are any specific questions we can answer about our internal practices, tooling, etc please let us know and we would be happy to help.

Reply