Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items

Automox Security and Trust

Welcome to Automox's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.

Our Automox Security Team embodies over three decades of operational expertise in designing and safeguarding large-scale, multi-tenant cloud and internet applications. In line with our dedication to fostering transparency and security, we mandate that all team members undergo stringent background checks before employment. This proactive approach ensures that our team operates in an environment that is both secure and transparent, reinforcing our commitment to creating a safer world.

Compliance

CSA STAR Logo
CSA STAR
EU-US DPF Logo
EU-US DPF
GDPR Logo
GDPR
PCI DSS Logo
PCI DSS
SOC 2 Logo
SOC 2
SOC 3 Logo
SOC 3
TX-RAMP Logo
TX-RAMP
Start your security review
View & download sensitive information
Ask for information
Automox 2023 BC/DR
Pentest Report
PCI DSS
SOC 2
SOC 3
CAIQ
Risk Management Policy
2023 Bug Bounty Transparency Report
CJIS Compliance Statement

Risk Profile

Data Access LevelInternal
Impact LevelSevere
Recovery Time Objective24-48 hours
View more

Product Security

Audit Logging
Data Security
Integrations
View more

Reports

Automox 2023 BC/DR
Network Diagram
Pentest Report
View more

Self-Assessments

CAIQ

Data Security

Access Monitoring
Backups Enabled
Data Erasure
View more

App Security

Responsible Disclosure
Code Analysis
Credential Management
View more

Access Control

Data Access
Logging
Password Security

Infrastructure

Amazon Web Services
Infrastructure Security
Separate Production Environment

Endpoint Security

DNS Filtering
Endpoint Detection & Response
Mobile Device Management
View more

Network Security

Firewall
IDS/IPS
Spoofing Protection
View more

Corporate Security

Email Protection
Employee Training
Incident Response
View more

Policies

Other Policies
Risk Management Policy

Security Grades

ImmuniWeb
Console
A-
Qualys SSL Labs
Console
A
API
A

Trust Center Updates

Automox Not Impacted by MOVEit Vulnerabilities

GeneralCopy link

Recently, the security team here at Automox became aware of the news surrounding a high impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.

We want our customers to know that Automox is not impacted by this vulnerability.

We do not leverage this technology/software within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed.

Published at N/A

Automox is not affected by CVE-2022-3602 and CVE-2022-3786

IncidentsCopy link

After careful review of our infrastructure and SBOM, the Automox team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.

Published at N/A

Automox is not affected by the new Microsoft Exchange Zero-Day

IncidentsCopy link

On Sept 29th, News broke of a new ProxyLogon 0-day RCE being used to target Microsoft Exchange Servers. Automox is not affected at this time. Automox does not currently use any Microsoft Exchange products in the delivery of our products or services.

Published at N/A*

Automox is not affected by Confluence CVE-2022-26134

IncidentsCopy link

On June 2, 2022, Atlassian published a security advisory for CVE-2022-26134, a critical unauthenticated, remote code execution vulnerability in the products Confluence Server and Confluence Data Center. The vulnerability is unpatched as of June 2 and is being exploited in the wild. Automox is not affected by this CVE.

Published at N/A

Automox is not affected by Python and PHP's Recent Hijackings

IncidentsCopy link

News broke recently surrounding two open source packages that were hijacked. Python's ctx library and PHP's phpass. Automox does not utilize these packages anywhere in our product or services.

Published at N/A

Automox is not affected by VMSA-2022-0014

IncidentsCopy link

CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to the active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, vRealize Suite Lifecycle Manager.

Automox does not currently use any of these VMware products in the delivery of our products or services.

Published at N/A

If you think you may have discovered a vulnerability, please send us a note.

Powered bySafeBase Logo