Kapiche has implemented best-in-class security practices to keep customer data safe.. At Kapiche, we protect your data like it's our own
Trust Center Updates
Kapiche's Response to HTTP/2 Rapid Reset Attack and Curl VulnerabilitiesVulnerabilitiesCopy link
Kapiche is aware of CVE-2023-44487, also known as "HTTP/2 Rapid Reset Attack," related to HTTP/2 capable web servers where rapid stream generation and cancellation can result in additional load which could lead to a Denial of Service. Kapiche's infrastructure is designed with various protections to address Layer 7 request floods, however, we have implemented additional mitigations and patches address this issue.
Kapiche's Response to the 2022 OpenSSL 3 VulnerabilitiesIncidentsCopy link
After careful review of our infrastructure and SBOM, the Kapiche team has determined that we are not currently vulnerable to the OpenSSL 3 vulnerabilities CVE-2022-3602 and CVE-2022-3786 that were disclosed on November 1, 2022.
As a helpful resource, you can use this page to determine if certain widely used software in your environment is affected or unaffected: https://github.com/NCSC-NL/OpenSSL-2022/blob/main/software/README.md