https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933591#M243 Sorry Conor, just to notify to the stakeholders, what is a likely date for having these vulnerabilities solved? Mon, 24 Jun 2024 19:28:17 GMT fnajera 2024-06-24T19:28:17Z https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/932733#M236 <P>Hi team,</P><P>&nbsp;</P><P>As you know, when SAS Viya is deployed via marketplace, two managed group nodes are created by the managed application. Obviously we don't have access to those groups. However, Azure Security is notifying about the following vulnerabilities. How can we address them?&nbsp;</P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="fnajera_0-1718654156377.png" style="width: 400px;"><img src="https://communities.sas.com/t5/image/serverpage/image-id/97538i9E22A5CDACC9A0DB/image-size/medium?v=v2&amp;px=400" role="button" title="fnajera_0-1718654156377.png" alt="fnajera_0-1718654156377.png" /></span></P><P>&nbsp;</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="fnajera_1-1718654194127.png" style="width: 400px;"><img src="https://communities.sas.com/t5/image/serverpage/image-id/97539i602BC8E90B73F9BE/image-size/medium?v=v2&amp;px=400" role="button" title="fnajera_1-1718654194127.png" alt="fnajera_1-1718654194127.png" /></span></P><P>&nbsp;</P><P>&nbsp;</P><P>Please let me know if you need further information.</P><P>&nbsp;</P><P>Thank you.</P> Mon, 17 Jun 2024 19:57:04 GMT https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/932733#M236 fnajera 2024-06-17T19:57:04Z https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933046#M239 Any update about this question? We cannot go on production, because security team is concerned about these vulnerability alerts Wed, 19 Jun 2024 17:16:56 GMT https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933046#M239 fnajera 2024-06-19T17:16:56Z https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933413#M241 <P>Thank you for bringing the Azure security recommendations to our attention. We are conducting a review of the recommendations to ensure that the high severity vulnerabilities are addresses first. I will provide an update when that review is complete. Note that some of the medium and low alerts may trigger additional infrastructure costs for additional Microsoft security products or services.&nbsp;</P> Sat, 22 Jun 2024 12:35:52 GMT https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933413#M241 Conor_H 2024-06-22T12:35:52Z https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933590#M242 Thank you so much Conor, Please let me know if you need further information, and we're looking forward to know about the review. Mon, 24 Jun 2024 19:25:46 GMT https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933590#M242 fnajera 2024-06-24T19:25:46Z https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933591#M243 Sorry Conor, just to notify to the stakeholders, what is a likely date for having these vulnerabilities solved? Mon, 24 Jun 2024 19:28:17 GMT https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/933591#M243 fnajera 2024-06-24T19:28:17Z https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/936039#M261 <P>We’ve reviewed the security vulnerabilities highlighted by Microsoft Defender. While we plan to address several issues, we may not resolve all, especially those involving additional Azure services that increase costs.&nbsp;An independent third party has verified our security and conducted a thorough vulnerabilities scan. We appreciate your understanding as we balance security with cost-effectiveness.</P> Wed, 17 Jul 2024 13:16:27 GMT https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/936039#M261 Conor_H 2024-07-17T13:16:27Z https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/936076#M262 Thank you so much for your update Conor. Is there a list of the vulnerabilities that SAS may resolve that does not affect costs? So we can inform to the Security Team. Thanks as always. Wed, 17 Jul 2024 19:21:10 GMT https://communities.sas.com/t5/SAS-Viya-Pay-As-You-Go/SAS-Viya-Marketplace-Vulnerabilities-treatment-in-Azure/m-p/936076#M262 fnajera 2024-07-17T19:21:10Z