Ensuring the security of our software against external vulnerability is a primary concern for Cyara. Unfortunately in today’s world, the threat of bugs and security breaches is all too common. Over the past few days you may have heard about the Bash Shellshock Command Injection Vulnerability. This is a critical vulnerability that has been reported in the GNU Bourne-Again Shell (Bash), the common command-line shell used in many Linux/UNIX operating systems and Apple’s Mac OS X.
Because Cyara software is Windows-based, it was not threatened by GNU Bash. Additionally, Cyara does not use any UNIX or Linux shells. However, the Cyara support team carefully examined this vulnerability, conducted a comprehensive review of all third-party products that may have been affected, and took appropriate steps to patch and secure these third-party products.
You should also be assured that Cyara regularly monitors our applications and infrastructure for security and our industry for any newly discovered threats. We take our service promise to you seriously and will always do our best to protect your systems and your data. Security is never an after thought or add on—it is a part of our core design.
What should you do now?
Cyara customers can be confident that the Cyara support team has taken appropriate steps and there is no further action needed to protect you from the GNU Bash threat through the Cyara Platform. As always, it is always a good idea for you to follow your own security best practices.
At Cyara, our customers are our most important asset. We will continue to closely monitor vulnerabilities that are discovered. If you have any questions or concerns regarding this situation, please contact your account representative or the Cyara Support team.
As always, thank you for being a valued Cyara customer.