Result of this years Pentest and White Box Security Audit

Result of this years Pentest and White Box Security Audit

anDREa has a Pentest Program program as part of the commitment to protect the security of its business information. 

The results are in of this year's:
  1. 20220624 Pentest 2022-Q2/Q3 Report
  2. 20220713 Report Azure White Box Security Audit


    • Related Articles

    • VM template issue: OOBE does not provide a true out-of-the-box-experience

      Created: 2023-01-26 TL;DR: We have identified a low severity security risk regarding the creation of VM templates. We are working with the local Support Team members to mitigate this risk. Introduction One of the features in the myDRE portal is the ...

    • Pentest results are in

      TLDR: none of the findings have any risk associated with them and do not require immediate action. Read more at: 20220624 Pentest 2022-Q2/Q3 Report

    • myDRE is NOT vulnerable for CVE-2022-26809 - Serious Vulnerabilities in Microsoft Windows Workplaces and Servers

      Situation Last “patch Tuesday” Microsoft disclosed and fixed a large number of serious vulnerabilities in Microsoft Windows. One of these vulnerabilities is identified as CVE-2022-26809 with a CVSS score of 9.8 (scale 1-10). CVE-2022-26809 is a ...

    • Vulnerability in Apache Log4j (CVE-2021-44228)

      Background See: https://nvd.nist.gov/vuln/detail/CVE-2021-44228 Impact on anDREa and all its services Production anDREa does not use Log4J or forks in production. Impact: NONE Actions: no action needed update: 2021/12/13 Workspaces that might have ...

    • Awareness - Convenience & Security

      Introduction - the case of copy-paste: local <-> VM On myDRE you cannot copy-paste text from or into a VM. As a Jupyter Lab user myself (Python) that heavily makes use on Google to find solutions, I do miss this copy-paste option. It would be so much ...