Hi Khoros Community,
Khoros is one of our high-priority vendor and we'd like to receive security alerts, for example, if there's any vulnerability detected.
How one can sign up to receive such alerts?
Solved! Go to Solution.
I would expect any security alerts to be also published on https://status.khoros.com/ . Any critical one that cannot be published publicly right away I would expect an email to the account contact(s) on file at Khoros side.
I'm not aware of any additional distribution channel for such alerts.
I am afraid there is no option to receive security alerts. However, Khoros maintains a patch management program with processes specific to corporate and product infrastructure. Khoros Security performs internal vulnerability testing and contracts with independent third parties periodically to identify vulnerabilities. Our teams also follow appropriate vendor security notifications and our support staff is available to help triage any customer discovered vulnerability.
Khoros can rapidly patch relevant systems for critical vulnerabilities, as necessary, with teams working during business hours until resolved. High and medium severity issues are triaged by the relevant teams and added into a future development sprint. Also, Khoros is ISO 27001 certified and is audited on a yearly basis as part of SOC 2 Type 2 audits.
Welcome to the Technology board!Curious about our platform? Looking to connect on social technology? You've come to the right place!