Trust Center

Recently, the security team here at Red Cup IT became aware of the news surrounding a high-impact MOVEit vulnerability. Reputable threat intelligence sources have reported that this incident impacts customers of this solution: https://www.securityweek.com/moveit-customers-urged-to-patch-third-critical-vulnerability/.

We want our customers to know that this vulnerability does not impact Red Cup IT.

We do not leverage this technology/software within our product, and therefore the confidentiality, integrity, and availability of our systems remain unharmed.

Thanks, and please reach out with any questions. Team Red Cup IT

Red Cup IT does not use CircleCI for continuous integration and continuous delivery.

Red Cup IT does not use Microsoft Exchange Server (Cloud or On-Premise)

At Red Cup IT, Inc., transparency with our clients and maintaining our customers' trust are critical to who we are. As you’ve likely heard in the news, Okta released a statement on March 22nd, 2022 regarding a security incident that may have affected their customers. Red Cup IT, Inc. leverages Okta as an authentication provider for internal authentication. Our team has received notice from Okta that neither we nor our customers were affected by this incident.

Red Cup IT, Inc. can confirm that within 24 hours of publishing CVE-2021-44228 in our vulnerability database all services that compose our platform running Apache’s vulnerable Log4j library have been patched to the latest version. We have not detected any successful attempts at exploitation of this attack vector during that time window. Red Cup IT, Inc.'s security response to events pertaining to the Log4j remote code execution vulnerability (RCE) is also strengthened by our defense in depth that leverages network-based firewalls, web application firewalls, and anomaly detection with our platform environment.