Welcome to Ably Realtime's Security Portal. Our commitment to data privacy and security is embedded in every part of our business. Use this portal to learn about our security posture and request full access to our security documentation. If you would like to report a security issue, please see our responsible disclosure page.
A note from us on the recent critical MoveIT CVEs
We do not now or ever have used MoveIT software in our infrastructure, and as such are not affected by these vulnerabilities.
We have not been affected by the latest OpenSSL 3.0 High risk vulnerabilities. Our services rely on third parties for TLS termination, we have assessed them for their susceptibility to the two OpenSSL CVEs and are comfortable that Ably’s public infrastructure isn’t vulnerable to attacks relating to them. We use Cloudflare for our website, and AWS Network Load Balancers to terminate TLS connections for our Realtime infrastructure.
If you think you may have discovered a vulnerability, please send us a note.