Log4j: We remain secure
A few days ago, the online world became aware of a security vulnerability in the Java log4j module, which is commonly used in web services around the world. Details about this security flaw are found in across the internet in sites like this.
At Sera4, we took action immediately with a complete security audit of our systems. This notice is meant to help our customers who are doing a security audit. We assure you that Teleporte and Sera4 remains secure and unaffected.
Sera4 does not natively use Java in our technology stack, which is the primary way services are compromised. We identified one internal tool which uses Java and log4j. However, that internal tool is not vulnerable (due to the log4j configuration) and a scan to confirms that security is maintained.
To our customers, Sera4 confirms:
- All of our applications and cloud environment have not been affected by this exploit.
- We use one internal tool which relies on log4j; it was not affected by this exploit. The tool has since been upgraded to 2.17.0 to ensure that future configuration changes do not render the application vulnerable.
To our anyone new to Sera4 and Teleporte, talk to us about how to get started with a keyless access control that is as digitally secure as it is easy-to-use.