Slope's commitment to data privacy and security is embedded in every part of our business. This page outlines the high-level details for several of the frameworks, regulations, and certifications that apply to our company and its products.
For more details or other inquiries, please reach out to security@slopesoftware.com.
Documents
Recently, the engineering team here at Slope became aware of the news surrounding a high impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.
We want our customers to know that Slope is not impacted by this vulnerability.
We do not leverage this technology/software within our product and therefore the confidentiality, integrity, and availability of our systems remain unharmed.
After careful review of our infrastructure and SBOM, the Slope team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.
As a helpful resource, you can use this page to determine if certain widely used software in your environment is affected or unaffected: https://github.com/NCSC-NL/OpenSSL-2022/blob/main/software/README.md