Level Up Your Kafka Skills in Just 5 Days | Join Season of Streaming On-Demand
Our team was recently notified of unauthorized read-only access to Confluent’s GitHub account stemming from the recent Codecov incident (more information here). The security of our customers and their data is critically important to us, and upon learning of this Codecov breach, our security team took immediate action to assess the ramifications of this incident and implement additional security measures to limit any further impact—including engaging with an industry-leading cyber forensics team to conduct a full-scale investigation and contacting law enforcement.
Our investigation remains ongoing, but here is what we have learned so far:
With regards to the corrective measures we have taken so far, we have:
Confluent has a robust security program that includes assessing the security of our vendors, proactively scanning our source code for vulnerabilities such as hard-coded credentials, and proactive monitoring for suspicious activity in our cloud environments that helps minimize the risk of these types of incidents.
We approach matters such as this with the utmost seriousness. Regardless of what tools are involved or at fault, we ultimately hold ourselves accountable for the security of our customers and the data they entrust us with. We continue to work around the clock to gather additional information and limit the impact of this incident on our systems and our customers. We will continue to provide updates as new information becomes available.
Gartner® published the 2024 Magic Quadrant for Data Integration Tools, which recognized Confluent as a Challenger. Confluent is pushing the industry beyond the outdated dogma of batch processing and improving the way you implement data integration at scale.
This blog post announces the launch of the APAC deep dive of the data streaming report.