Kaseya breached, is Pulseway audited?

[Mr. C]

First Solar Winds and now Kaseya are in the news for being breached by Rusisa: https://www.hstoday.us/industry/kaseya-hit-by-cyber-attack-orders-server-shutdowns/

 

Has Pulseway been audited to see if it's supply chain for the code is breached? 

[Paul]

Hi @Mr. C,

We use static code analysis to ensure that our code doesn't contain any vulnerabilities along with industry standard procedures for reviewing and testing code and binaries before any release.

-Paul

[whatup]

4 minutes ago, Paul said:

We use static code analysis to ensure that our code doesn't contain any vulnerabilities along with industry standard procedures for reviewing and testing code and binaries before any release

Thanks for the info, but I would assume that this is industry standard and that Kaseya used a similar procedure, so in the current situation this is not the relief we are watintg for

[Mr. C]

6 hours ago, Paul said:

Hi @Mr. C,

We use static code analysis to ensure that our code doesn't contain any vulnerabilities along with industry standard procedures for reviewing and testing code and binaries before any release.

-Paul

That is not very reassuring. Pulseway is obviously a target here and really needs to retain a respectable cybersecurity firm to conduct a series of third party audits on the code, the dependencies of the code, and the processes used for building and deploying that code.