Cloudera is investigating the log4j2 CVE-2021-45105 Denial of Service attack vulnerability. We will issue a Technical Service Bulletin (TSB) once we assess the impact of this vulnerability.  Cloudera is aware of both the Log4j2 (CVE-2021-44228) and Log4j 1.x (CVE-2021-41046) vulnerabilities. A TSB was published on 12/12/2021 that details Cloudera products affected by CVE-2021-44228 and their remediation steps. For more details, see our Blog post. After evaluating CVE-2021-41046, no Cloudera products are impacted. For more information, see our Cloudera Community post.

 

Cloudera named a leader in Gartner® Magic Quadrant™ 2022 para sistemas de gerenciamento de banco de dados em nuvem Faça o download do relatório
    • Cloudera Cloudera
    • X
    Entre em contato:(888) 789-1488
    Internacional:+1 (650) 362-0488
    Vendas por e-mail
    Portal de suporte
    Overview

    Transparency is essential to security

    Cloudera's priority is to make your experience with our products safe and secure.  This means you have the information you need to feel comfortable managing your data and utilizing multi-function analytics in the cloud. That’s why we created this Trust Center, to bring together the latest Cloudera security, compliance, and system performance information, accessible from one central location.

    Logos: SOC GxP TISAX FRIS ISO27001
     
    Our approach

    Certified secure

    Cloudera continually strives to apply industry best practices, validated through third-party audits and certifications. For example, our ISO 27001 and SOC 2 Type II certifications help ensure CDP is developed, reviewed, tested, and released following the ISO and AICPA Trust Services Principles. This means CDP Public Cloud is continuously being developed using audited processes and controls to help ensure the highest level of trust and security.

    Security practices

    Security first development

    Earning our customers’ trust is our top priority. We’re committed to building security-focused engineering teams that follow our Secure Software Development Life Cycle (SSDLC). Using developer training, education, and our prescribed security best practices, each of our development teams makes sure CDP features and services are designed with security first.

    Shared responsibility, risk & compliance

    From the beginning, we designed security into the Cloudera Data Platform (CDP) Public Cloud. CDP Public Cloud follows a shared responsibility model, providing customers with complete control over the compute and storage resources running in their public cloud account. With advanced security features such as support for custom AMIs and support for AWS PrivateLink and Azure Private Link, customers can deploy the CDP Public Cloud in some of the most restricted cloud environments.

    Production service operations

    Built to be cloud-native, CDP Public Cloud leverages sophisticated cloud security technologies and runs on the Amazon Web Services (AWS) cloud-computing service, benefitting from Amazon’s secure, world-class data centers, which are certified for ISO 27001, and SOC 1 / SSAE-16. The result is a service that is secure and resilient, giving you the confidence to trust your most demanding workloads with CDP.

    Success stories

    Webinar

    Achieving Cloud Compliance with CDP Public Cloud

    Whitepaper

    Understanding Cloudera Data Platform Security

    World-class training, support, & services

    Your form submission has failed.

    This may have been caused by one of the following:

    • Your request timed out
    • A plugin/browser extension blocked the submission. If you have an ad blocking plugin please disable it and close this message to reload the page.