Security


Security is of the utmost importance to us at Incognito Software Systems Inc. Our solutions are deployed in mission-critical environments around the world, so we take steps in our development and testing to ensure we don’t introduce any compromises. The team follows the Security Vulnerability Reporting guidelines as published by the Organization for Internet Safety. We also stay on top of common vulnerabilities and exposures (CVEs), and address those that could affect our services.

 

Incognito Statement on Spectra and Meltdown microprocessor exploit

 

CVE-2017-5753, CVE-2017-5715 and CVE-2017-5754

 

No current versions of product from Incognito Software Systems require a new release related to this vulnerability. However it is strongly recommended to install OS security patches for RHEL, CentOS and Debian to address the vulnerability.

 

Our preliminary test results indicate a potential performance impact of 4-12% with these patches.

If you have any questions please contact us.

 

Report a Security Issue

 

Should you discover a security vulnerability in any of our solutions, please reach out to our team at security@incognito.com

 

PGP Public Key

 

Security correspondence from security@incognito.com can be verified and encrypted with our PGP public key. This key is also available from MIT’s public keyserver at https://pgp.mit.edu. The key ID is 5ED4C7ED, and has a fingerprint of E0B0 3DB1 2A74 7DC8 CC77 02AF 72AC AC43 5ED4 C7ED.