Kevin BeaumontApr 14, 2024
I wrote up the Delinea Secret Server Cloud security incident situation: https://doublepulsar.com/delinea-has-cloud-security-incident-in-thycotic-secret-server-gaff-581a33990882
Delinea has cloud security incident in Thycotic Secret Server gaff

This is a weird one. Customers of Delinea Secret Server Cloud had a mysterious outage on Friday due to a “security incident” – this was visible on a service status page: Delinea Secret Server – also…

DoublePulsar
Show threadKevin BeaumontApr 14, 2024

As far as I can see Delinea have no responsible disclosure programme or vulnerability reporting contact.

They did, however, do a podcast about how to run one 😬 https://delinea.com/events/podcasts/responsible-disclosure-programs-katie-moussouris-casey-ellis

Podcast: Responsible Disclosure Programs | Moussouris, Ellis

Katie Moussouris and Casey Ellis join Joe and Mike to talk all things responsibility disclosure – the good, the bad, and the ugly.

Delinea
Show threadmaswanApr 14, 2024
@GossiTheDog If only the Chief Security Scientist and Advisory CISO at Delinea had had an opportunity to listen to that episode, maybe they would have been better off!
Show threadIrve
@maswan @GossiTheDog perhaps it was a desperate attempt to force one into existence
Apr 14, 2024 at 9:09amWeb