HighByte
  • INTELLIGENCE HUB
    • OVERVIEW
    • CONNECTIONS >
      • PI SYSTEM
    • CONDITIONS
    • MODELS
    • FLOWS
    • RELEASE NOTES
  • RESOURCES
    • ANALYST REPORTS >
      • OPERATIONAL DATA PIPELINES
      • THE STATE OF DATAOPS
      • HOW IX LEADERS LOOK AT DATA
    • ARTICLES
    • BLOG
    • GUIDEBOOKS
    • USE CASES
    • WHITE PAPERS
  • TRY & BUY
    • REQUEST A DEMO
    • TRIAL PROGRAM
    • PRICING
  • COMPANY
    • OUR TEAM
    • PARTNERS >
      • AWS
    • CAREERS
    • EVENTS
    • NEWS
  • CONTACT
  • LOG IN

HighByte Blog

Read company updates and our technology viewpoints here.

Our commitment to developing secure solutions

1/5/2022

 
Time to read: 3 minutes
PicturePosted by Tony Paine
We live in a time where attacks on critical infrastructure and the underlying software and hardware that comprise these systems is all too common and will only increase year over year. Rest assured that HighByte is committed to putting security first in its design and implementation of its software solutions.  

Our industry recognizes that a defense-in-depth strategy must be employed when building out a technology stack from various components. This not only applies to an end-user’s use of applications and equipment from various vendors, but even more so by vendors who develop solutions that pull in third-party technology or tap into interfaces and standards that allow for seamless integration with foreign sources of data and information.  
​

One recent example of vendors’ use of third-party technology was the end-of-2021 buzz around security vulnerabilities in Log4j—a widely used component for logging information to various mediums (e.g., text files, SQL databases, console windows, etc.). HighByte Intelligence Hub was not immune to this vulnerability due to its use of Log4j for logging informational and diagnostics event messages within the product.

We became aware of the issue shortly before we officially released HighByte Intelligence Hub version 2.2, allowing us to include an updated Log4j component that addressed the security vulnerability. Unfortunately, this was one of several Log4j security vulnerabilities and patches that the industry would encounter over the course of the week that followed, requiring a couple re-releases of the version 2.2 product with further Log4j patches. Concerned that we would always be one Log4j patch behind, we re-evaluated our use of this component and decided to pull out direct use of Log4j in HighByte Intelligence Hub. This component was replaced with our own logging technology that provides the same capabilities, limits the scope to only the logging capabilities needed by our product, and is available for immediate download.

Though this is just one example, HighByte will continue to put security first in the design and implementation of the company’s solutions. Whether this is within our own intellectual property, or part of a third-party component we rely upon, we are committed to ensuring end-users of HighByte Intelligence Hub can rely on our layer of the technology stack to meet their defense-in-depth objectives.

To learn more about the latest release of HighByte Intelligence Hub and access additional resources, read this blog post by HighByte CTO Aron Semle. If you have questions about the release or product security best practices, please contact us.


Comments are closed.
    Subscribe

    Blog Categories

    All
    AWS
    Cloud-to-Edge
    Connectivity
    Data Modeling
    DataOps
    Data Preparation
    Edge-to-Cloud
    ETL
    Historical Data
    Microsoft Azure
    Product News
    Security
    Sparkplug
    Sustainability
    Unified Namespace

HighByte is an industrial software development company in Portland, Maine building solutions that address the data architecture and integration challenges created by Industry 4.0. We’ve developed the first DataOps solution purpose-built to meet the unique requirements of industrial assets, products, processes & systems at the Edge.
Picture
info@highbyte.com
Picture
+1 844.DATA.OPS
+1 844.328.2677 
Picture
52 Alder Street
Portland, Maine 04101 USA
Privacy Policy | Reference Program | Press Kit
​Copyright ©2023 HighByte, Inc. All rights reserved. 
  • INTELLIGENCE HUB
    • OVERVIEW
    • CONNECTIONS >
      • PI SYSTEM
    • CONDITIONS
    • MODELS
    • FLOWS
    • RELEASE NOTES
  • RESOURCES
    • ANALYST REPORTS >
      • OPERATIONAL DATA PIPELINES
      • THE STATE OF DATAOPS
      • HOW IX LEADERS LOOK AT DATA
    • ARTICLES
    • BLOG
    • GUIDEBOOKS
    • USE CASES
    • WHITE PAPERS
  • TRY & BUY
    • REQUEST A DEMO
    • TRIAL PROGRAM
    • PRICING
  • COMPANY
    • OUR TEAM
    • PARTNERS >
      • AWS
    • CAREERS
    • EVENTS
    • NEWS
  • CONTACT
  • LOG IN