Hi Matt and Jay -
With the security world on high alert due to deficiencies in log4j (https://nvd.nist.gov/vuln/detail/CVE-2021-44228), can you please comment whether log4j is used anywhere within Indigo 7.5 or later, whether the app or reflector service?
Additionally, I am eyeing migrating from 7.5 to 2021.2. My biggest hesitation is the reflector service. While I understand that backhauls from the reflector service to the end-user are TLS encrypted, I am interested to understand additional details about security practices you have put in place to help ensure safety and security of your hosted servers and services. Any details you can share are appreciated, including security procedures, patching policies, change control, exploit / disaster management, etc.
Thanks!
Adam