14 March 2022
We're in the process of migrating the Qwiet application domain from
https://app.shiftleft.io. The Qwiet website, however, will remain at
With this change, we will be able to provide you with increased security and performance.
You can begin using
https://app.shiftleft.io today. We will support the use of both domains through 1 August 2022; at that point, you must use
https://app.shiftleft.io for Qwiet preZero.
What this change means for Qwiet users
Due to the updated domain name, you may need to make the following changes:
- Update any old
slbinaries that might be using
- Update your firewalls; see our updated list of URLs that you should allowlist
- Update any scripts calling Qwiet URLs (e.g., scripts calling the Qwiet API, any Terraform modules you use to deploy Qwiet preZero)
- Update your SAML/SSO configuration
Please ensure that you've updated the domain name by 1 August 2022. We recommend that you implement any necessary changes and test before the changeover date.
25 October 2021
Our research team has learned that the
ua-parser-js package has been compromised with malicious code by threat actors. The versions affected include:
You can read more of our research in this article.
As of 25 October 2021, a review of dependencies used by active I-SCA customers shows that none of the applications scanned by Qwiet preZero are using affected versions of
- Avoid upgrading or rolling back to the affected versions of
- Scan your applications to generate a new SBoM and check for the versions listed above.