Security Enhancements

Build 19

4852

Security enhancement for reinforced detection and prevention of SQL Injections

This optional Security Enhancement (SQL Statement Sanitizer) provides two environment variables to choose from – so that organizations can guarantee that the configuration won’t block their customized code or special projects.

(Contact SysAid Support for details)

21.4.45

65530

We upgraded to the latest Apache released version 2.17.1 to continue addressing the log4j vulnerability

21.4.45

65530

We upgraded to the latest Apache released version 2.17.1 to continue addressing the log4j vulnerability.

21.4.45

65345

Included a fix for the Log4j vulnerability. For more information, click here.

2020

Enforced timeout functionality has been expanded to cover more cases of session inactivity

2020

August 2020: For those of you who enabled the option to allow non-secured (HTTP) access to your SysAid account, please be aware that we’re retiring this option (it’s a checkbox). Instead, all non-secured traffic will be redirected to a secured channel (HTTPS).

2020

Please note that as part of our ongoing commitment to security, we’re tightening the secured connection to our services. As of May 10, 2020, we’ll be blocking the older non-supported TLS protocol versions 1.0/1.1, and will only allow the more advanced secured versions.