CTO letter - AKIPS security
The recent major security breach within the network-monitoring industry has led to many – providers, users and the media – asking questions: how did such a breach happen? What was its extent? And perhaps most importantly: how can providers prevent it from happening again?
My colleagues at AKIPS and I have reviewed our security practices and I’d like to share some of these with you, so you can better understand how we work to safeguard your network.
I need to state upfront that while AKIPS takes preventative measures to reduce its exposure to being hacked, it does not carry zero risk. We haven’t, for example, conducted extensive penetration testing on our software. However, here are some of the ways in which we keep AKIPS – and your network – as secure as possible:
In 2015, we engineered AKIPS to proactively search for tampering. Every hour, AKIPS automatically scans for anomalies. If someone attempts to modify any part of the software, AKIPS identifies this during its next scan and simply stops working.
Small code base
AKIPS has a relatively small code base considering its complexity and functionality – approximately 160K lines – a fraction of the size of other network-monitoring products. This enables us to more readily identify any anomalies or potential weaknesses.
While AKIPS has incorporated approximately 70 third-party packages for supporting functionality (e.g. an HTML-to-PDF converter), we select these carefully and we include their security updates with our next release. Our long-term goal is to replace these third-party packages with our own software where appropriate.
At AKIPS, we control our own source code. We always compile from scratch from official distributions. We never distribute binaries built by third parties.
As part of our release engineering and security processes, multiple eyes review our branches before we commit each release.
Starting from our 21.1 release, we will provide checksums to our customer forum with each release.
Rest assured that we continue to constantly review and revise our security processes.
From all of us here at AKIPS, have a safe and happy Christmas and New Year.
PS: For a letter from our CEO Paul on the past year and our plans for 2021, click here.