18 December,20 at 10:28 PM
The internal investigation included the review of Centrify environments and networks to verify there is no use of the affected SolarWinds versions in any environment. Centrify reviewed the SolarWinds Security Advisory and the CISA Emergency Directive, and we confirmed with relevant government agencies that we are not affected.
We are continuing to monitor the breach for potential impact, defensive recommendations, and mitigating measures. As a preventive measure, we increased monitoring, including network traffic and access. Centrify is also monitoring vendors to determine whether they are impacted, steps vendors are taking, and mitigating actions for Centrify.
KB-18089: How is Centrify impacted by the TGT delegation update pushed out by Microsoft?
KB-11454: Is Centrify dzdo impacted by the sudo vulnerability in CVE-2016-7032 and CVE-2016-7076
KB-5534: Impact of CVE-2015-5600 on Centrify-Openssh
Centrify 21.2 Release Notes
[Security Corner] Centrify and the Microsoft Enhanced Security Administrative Environment (1/3)
The benefits of integrating security products with a SIEM
[Security Corner] The Sarbanes-Oxley Act and Centrify Server Suite
KB-11514: Does CVE-2018-19788 affect Centrify Linux Agent?
Is Centrify's DZDO command impacted by CVE-2017-1000367 (sudo privilege escalation)?