Message from Progress About Recent Vendor Vulnerabilities

The level of sophistication, volume and speed at which new security vulnerabilities, such as those experienced by Solarwinds and more recently, by Kaseya, continue to increase exponentially. They serve as a stark reminder to the whole industry that proper vulnerability management and patching practices are of critical importance. Our security teams continuously revisit our procedures and protocols in the ordinary course of business and then reevaluate them when new vendor vulnerabilities, such as these, are exposed and as we learn further information. We want to assure our customers that a highly organized security team is in place to address the many aspects of a capable security program, with vulnerability and patch management at the top of our priorities list.

Progress networks, infrastructure, business applications and products are all subject to a rigorous program of scanning, patching and configuration tuning, to ensure security is well maintained. Progress is continuously in close communication with its key vendors about the security of their products and we work hand-in-hand to ensure any vulnerabilities are quickly identified and addressed. Multiple security personnel, across the company, monitor our various environments for vulnerabilities and patching opportunities. Critical patches are applied with great speed.

At Progress, security, and especially vulnerability management, will always remain a top priority. If you have any questions regarding this message or Progress security practices, please contact security@progress.com and we will quickly address those questions or concerns.