- Why ScienceLogic
- Main Menu
- Why ScienceLogic
Why ScienceLogic
See why our AI Platform fuels innovation for top-tier organizations.
- Why ScienceLogic
- Customer Enablement
- Trust Center
- Technology Partners
- Pricing
- Contact Us
- Product ToursSee ScienceLogic in actionTake a Tour
Experience the platform and use cases first-hand.
- Platform
- Main Menu
- Platform
Platform
Simplified. Modular-based. Efficient. AI-Enabled.
- Platform Modules
- Core Technologies
- Platform Overview
- Virtual ExperienceSkylar AI RoadmapView Now
Learn about our game-changing AI innovations! Join this virtual experience with our CEO, Dave Link and our Chief Product Officer, Mike Nappi.
- Solutions
- Main Menu
- Solutions
Solutions
From automating workflows to reducing MTTR, there's a solution for your use case.
- By Industry
- By Use Case
- By Initiative
- Explore All Solutions
- Survey ResultsThe Future of AI in IT OperationsGet the Results
What’s holding organizations back from implementing automation and AI in their IT operations?
- Learn
- Main Menu
- Learn
Learn
Catalyze and automate essential operations throughout the organization with these insights.
- Blog
- Community
- Resources
- Events
- Podcasts
- Platform Tours
- Customer Success Stories
- Training & Certification
- Explore All Resources
- 157% Return on InvestmentForrester TEI ReportRead the Report
Forrester examined four enterprises running large, complex IT estates to see the results of an investment in ScienceLogic’s SL1 AIOps platform.
- Company
- Main Menu
- Company
Company
We’re on a mission to make your IT team’s lives easier and your customers happier.
- About Us
- Careers
- Newsroom
- Leadership
- Contact Us
- Congratulations2024 Innovators AwardsView the Winners
See how this year’s winners have demonstrated exceptional creativity and set new standards in leveraging the ScienceLogic AI Platform to solve complex IT Ops challenges.
Our Response to RansomWare Attacks
The Wall Street Journal reported this week that a group of Russian hackers calling themselves REvil is demanding $70 million to unlock computers in a widespread attack that started on July 2. This is our response to these attacks.
This week brought news of further cybersecurity threats involving Ransomware attacks on global enterprises via Kaseya software management tool. What we know to date is to classify this as a supply-chain attack similar to the SolarWinds breach from the recent past.
Although there are distinct differences in the methods, the demands and the impact on organizations, the attack vector does have many common traits. The organizations most acutely impacted are MSPs and their enterprise customers who have downloaded the software updates.
In response to inbound inquiries, we at ScienceLogic can confirm that we are aware of events as publicly disclosed and are unaffected by them. We do not run any Kaseya products or more specifically the affected VSA software. As such, we have no known exposure to report.
To further expand on how we protect our flagship product and operations, we list our practices in three critical areas that surfaced from this attack:
- Software Update Process: The ScienceLogic SL1 platform (SL1) software updates require user interaction to validate and deploy the software into production. Through this process, additional checks are introduced before an update can be deployed. For our SaaS customers, upgrades must be approved by a change review board prior to implementation into the production environment.
- Preserving Software Integrity and Security: We believe in creating layers of security adopted throughout the product.
- It starts with our update file which is encrypted and access to it is restricted to SalesForce and Amazon Web Services preserving the integrity of the software.
- Second, our distributed architecture (collectors) built in a hub and spoke system as another layer of defense to minimize the reach of the SL1 appliances.
- Third, SL1 performs data collection using the least privileges required.
- Fourth, our use of Linux as our underlying operating system makes us less vulnerable to commonly exploited Windows attack vectors.
- Fifth, our broad adoption of multi-factor authentication extends to all critical systems including, but not limited to, Salesforce/AWS/source control systems.
- Lastly, every major release of SL1 undergoes rigorous penetration testing by an accredited third-party penetration testing firm. ScienceLogic also performs internal penetration testing to identify potential vulnerabilities in the product.
- Staff and Field Training: To ensure our staff is vigilant against well-known phishing, stolen passwords, and authentication exploits, we’ve been in partnership with KnowBe4 to ensure every employee passes annual security training and quarterly refreshers that demand spot-checks on all staff adhering to well-established processes.
For additional information, please visit: