Trust Center
Welcome to Automox's Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation.
Our Automox Security Team embodies over three decades of operational expertise in designing and safeguarding large-scale, multi-tenant cloud and internet applications. In line with our dedication to fostering transparency and security, we mandate that all team members undergo stringent background checks before employment. This proactive approach ensures that our team operates in an environment that is both secure and transparent, reinforcing our commitment to creating a safer world.
Documents
Notepad++ flagged by EDR Software
There was a recent update pushed for version 8.8.3. The Notepad++ team provided an update on their blog as well. The relevant links are below.
https://notepad-plus-plus.org/news/v883-self-signed-certificate/
We are aware of EDR software flagging Notepad++ as malware. The maintainers are also aware of this issue and have posted to their website; a related Github issue was posted last week as well. Moreover, PatchSafe caught Notepad++ and our Security Operations team investigated and determined that it was a false positive. The relevant links are below.
https://notepad-plus-plus.org/news/8.8.2-available-in-1-week-without-certificate/
https://github.com/notepad-plus-plus/notepad-plus-plus/issues/16770.
Ingress Nginx Update
Today, Automox updated our ingress controller in response to the Ingress Nightmare vulnerability released by Wiz Security. Customers may have noticed a brief disruption to remote control and other API services in the console as the upgrades happened. If you have further questions please contact customer support.
No Default Passwords
As part of our compliance with CISA's Secure By Design Pledge, we are attesting that we long ago eliminated any default passwords in our product, do not allow them, and scan for them on a regular basis.
Automox Not Impacted by SiSense
We are aware of the reported security incident involving SiSense. Automox is not directly impacted at this time. However, we are currently conducting a thorough triage of our vendors and partners to assess any potential third-party impact. We will provide updates as necessary on our security portal https://security.automox.com/.
Automox Not Impacted by MOVEit Vulnerabilities
Recently, the security team here at Automox became aware of the news surrounding a high impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.
We want our customers to know that Automox is not impacted by this vulnerability.
We do not leverage this technology/software within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed.