:wave: Recently we had a user disclose a security ...
# announcementss
swyx (Airbyte)
08/18/2022, 7:04 PM
๐ Recently we had a user disclose a security incident on this Slack - this is our best recap of what happened and what we are doing in response: https://airbyte.com/blog/improving-security-for-open-source-airbyte-users
If you are running Airbyte unsecured, or versions v0.35 and below, we strongly recommend securing your Airbyte instance and regularly upgrading your Airbyte instance. Airbyte Cloud customers were not affected.
Thank you and we stand by to respond to followup questions and improve our docs to help you be confident in your Airbyte deployments.
octavia thanks 2
๐ 2
๐ฏ 1
n
naresh meda
08/22/2022, 7:29 PMThanks for the blog. We have deployed airbyte on GKE and added IAP authentication with SSL. Web URL is accessible without a VPN. Are there security risks?
s
swyx (Airbyte)
08/22/2022, 7:30 PM
cc @Charles Giardina (Airbyte) @Sherif Nada
swyx (Airbyte)
08/22/2022, 7:32 PM
if you are running v0.36 and above, web URL should be secure
n
naresh meda
08/22/2022, 7:33 PMThanks, @swyx (Airbyte), for the quick response. Yes, we are using the latest version, and SSL is enabled with authentication
s
swyx (Airbyte)
08/22/2022, 7:34 PM
yeah sounds good. i can never say anything is 100% secure but thatโs as good as we recommend right now
thanku 1
๐ 1
2 Views