Acquia security

Acquia takes the safety and security of our platform seriously.

Through our investigations of customer questions and issues raised through our customer support team, we’ve uncovered that there are resources on the internet which present information that can be either misleading or misinterpreted when analyzed outside of an Information Security Program or other similarly-skilled personnel.

Acquia’s Security Engineering team follows an Information Security process which reviews multiple sources of information, but bases scores primarily on the National Security Database (NVD) with the CVSS 3.0 scoring. This database is not the full extent of information, but is key in providing the necessary intelligence for keeping Acquia up-to-date and in the best possible security posture.

Common Vulnerabilities and Exposures

Common Vulnerabilities and Exposures (CVE®) is a list of common identifiers for publicly-known cybersecurity vulnerabilities. CVE is now the industry standard for vulnerability and exposure identifiers. CVE Entries—also called CVEs, CVE IDs, and CVE numbers by the community—provide reference points for data exchange so that cybersecurity products and services can speak with each other. CVE entries also provide a baseline for evaluating the coverage of tools and services so that users can determine which tools are most effective and appropriate for their organization’s needs.

Acquia is aware that websites publish different types of information, representing or categorizing that information as vulnerability data or security advisories, when the information is more accurately described as standard release notes, bug fixes, or other errata. When reviewing such data, Acquia recommends cross-examining or fact-checking against the NVD.

Contact supportStill need assistance? Contact Acquia Support

Acquia: Think Ahead

53 State Street, 10th Floor
Boston, MA 02109
United States
Phone: 888-922-7842

Map: Google Maps
View other locations