Trust Center

Today, Automox updated our ingress controller in response to the Ingress Nightmare vulnerability released by Wiz Security. Customers may have noticed a brief disruption to remote control and other API services in the console as the upgrades happened. If you have further questions please contact customer support.

As part of our compliance with CISA's Secure By Design Pledge, we are attesting that we long ago eliminated any default passwords in our product, do not allow them, and scan for them on a regular basis.

We are aware of the reported security incident involving SiSense. Automox is not directly impacted at this time. However, we are currently conducting a thorough triage of our vendors and partners to assess any potential third-party impact. We will provide updates as necessary on our security portal https://security.automox.com/.

Recently, the security team here at Automox became aware of the news surrounding a high impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.

We want our customers to know that Automox is not impacted by this vulnerability.

We do not leverage this technology/software within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed.

After careful review of our infrastructure and SBOM, the Automox team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.