Automox Security and Trust
Welcome to Automox's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.
Our Automox Security Team embodies over three decades of operational expertise in designing and safeguarding large-scale, multi-tenant cloud and internet applications. In line with our dedication to fostering transparency and security, we mandate that all team members undergo stringent background checks before employment. This proactive approach ensures that our team operates in an environment that is both secure and transparent, reinforcing our commitment to creating a safer world.
Trust Center Updates
Automox Not Impacted by MOVEit VulnerabilitiesGeneralCopy link
Recently, the security team here at Automox became aware of the news surrounding a high impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.
We want our customers to know that Automox is not impacted by this vulnerability.
We do not leverage this technology/software within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed.
Automox is not affected by CVE-2022-3602 and CVE-2022-3786IncidentsCopy link
After careful review of our infrastructure and SBOM, the Automox team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.
Automox is not affected by the new Microsoft Exchange Zero-DayIncidentsCopy link
On Sept 29th, News broke of a new ProxyLogon 0-day RCE being used to target Microsoft Exchange Servers. Automox is not affected at this time. Automox does not currently use any Microsoft Exchange products in the delivery of our products or services.
Automox is not affected by Confluence CVE-2022-26134IncidentsCopy link
On June 2, 2022, Atlassian published a security advisory for CVE-2022-26134, a critical unauthenticated, remote code execution vulnerability in the products Confluence Server and Confluence Data Center. The vulnerability is unpatched as of June 2 and is being exploited in the wild. Automox is not affected by this CVE.
Automox is not affected by Python and PHP's Recent HijackingsIncidentsCopy link
News broke recently surrounding two open source packages that were hijacked. Python's ctx library and PHP's phpass. Automox does not utilize these packages anywhere in our product or services.
Automox is not affected by VMSA-2022-0014IncidentsCopy link
CISA has issued Emergency Directive (ED) 22-03 and released a Cybersecurity Advisory (CSA) in response to the active and expected exploitation of multiple vulnerabilities in the following VMware products: VMware Workspace ONE Access (Access), VMware Identity Manager (vIDM), VMware vRealize Automation (vRA), VMware Cloud Foundation, vRealize Suite Lifecycle Manager.
Automox does not currently use any of these VMware products in the delivery of our products or services.