Is VGS Impacted by the SolarWinds Vulnerability?

December 17, 2020

SolarWinds, an Austin-based IT management software company, was compromised via a software supply chain attack by suspected nation state adversaries. This was considered to be a sophisticated attack that exposed a vulnerability in many infrastructures. The attackers utilized novel attack vectors and tools, tactics, and procedures (TTPs) to target nearly 18,000 companies and government agencies.

At VGS, we do not use SolarWinds, so our first response was to act quickly to determine whether any of our vendors used SolarWinds for IT management purposes. We reached out to vendors that process or store sensitive data via a questionnaire, and fortunately, none of our vendors utilize SolarWinds for IT management.

VGS is not impacted by the SolarWinds compromise. Still, we consider protecting our customers’ data to be our top priority. Every security practitioner knows that security is a process, and that there’s always another guardrail that can be put in place to raise the bar. To that end, we are using this time to accelerate VGS’ overall security posture to the next level, on several initiatives.

We will be following up with additional blog content to share with you some of the other strategies and approaches we have focused on (and share the lessons learned along the way).

If you have any questions about this blog post, please email

Katy Wang Kathy Wang

CISO at Very Good Security


You Might also be interested in...


Some Very Good News: VGS Raises $60M Series C

Mahmoud Abdelkader December 21, 2020

vgs hackathon

VGS Hack Week 2020

Mike Jensen
Kenneth Geers, PhD
December 17, 2020

Bank security

How Today’s Data Security Solutions Are Failing Banks

Channin Gladden December 15, 2020