With the news of sophisticated hacks at Solarwinds and FireEye as well as various government agencies, we have understandably received questions from customers concerned about any potential impact at Amperity. We wanted to take a moment to discuss how the Solarwinds vulnerabilities relate to Amperity’s security as well as additional practices we have in place to protect your data.
Amperity does not use any products affected by the hack
First and most importantly, Amperity does not currently use Solarwinds Orion or any of the other affected Solarwinds products. This means that our infrastructure is not vulnerable to the techniques used to attack FireEye and government agencies.
Amperity does use one Solarwinds product named Loggly which has no overlap with the compromised Solarwinds products. Loggly (which was purchased by Solarwinds in 2018) is used to aggregate and search system logs and is considered to be of low-value to any attacker.
It is also worth noting that the tools stolen from FireEye are primarily designed to exploit vulnerabilities in Windows. Amperity does not run any Windows machines either on-premises or in the cloud.
Continuous network anomaly and vulnerability monitoring
At Amperity we leverage a suite of tools to monitor our infrastructure 24/7, ready to alert our security team of any anomalous network activity or critical vulnerabilities. We are also following this story closely as it unfolds, learning from the experience, reevaluating our threat models, and preparing to act if new threats are uncovered.
The safety of customer data continues to be Amperity’s top priority. You can find more information about how we handle security here, and if you would like to learn more or have any questions please reach out at firstname.lastname@example.org.