PM is not affected by log4shell
A statement for our customers.
In December 2021, a new vulnerability was discovered affecting a popular software component known as Apache log4j. This component is used in several applications that use the programming language Java. Since then, this vulnerability has been exploited to target plenty of organizations, leading to large data leaks and other problems.
At Appfluence, we constantly monitor security events as part of our software development and maintenance process. None of the software we develop uses the Java programming language, and thus we’re not directly vulnerable to this exploit. Further, a thorough review of used 3rd party components revealed that the only software piece we use that may have been vulnerable is a data searching/indexing service managed by AWS in their own systems. Even though any potential vulnerability would be restricted to these externally managed servers, out of an abundance of caution we verified that the component versions deployed are all up to date and well patched.
Priority Matrix is one of the first applications to achieve Microsoft’s 365 security certification, and certainly the first in the task/project management category. As part of our annual certification process, we must observe best practices in terms of security, in order to protect the integrity of our customer’s private data.
If you have any questions about Appfluence’s security process, please use the links above to reach out to us.