We have a robust security program which includes working with many external security researchers when we or a third-party discover vulnerabilities, we have a formal triage process that ensures that we appropriately prioritize and resolve/mitigate the vulnerability. At Evernote, we have not found any evidence that the vulnerability reported by Guardio has been exploited. The original Guardio press release is here: extension-300866322.htmlĪs mentioned in the CyberScoop coverage above, Guardio does not believe that anyone took advantage of the bug.
Here’s another piece of coverage with more accurate and specific information. Jumping in with a couple of observations: Hey Folks, I am Jesse Lesperance and am the Head of Security at Evernote.
0 kommentar(er)
