Rally Status Page
Service Current State 4/19 4/18 4/17 4/16 4/15 4/14 4/13
Rally ALM

Service Events:

Update on Heartbleed OpenSSL Vulnerability

Rally ALM
Our CDN provider has determined after further analysis that their systems were potentially vulnerable to Heartbleed between August 2012 and April 2014. As a result, customers accessing Rally through rally1.rallydev.com may have also been vulnerable to this issue. The bug was fixed before the notice was generally sent out to the internet at large, and Rally and our CDN provider are in process of re-keying our SSL certificate.  We will provide notice once this is complete, at which time our recommendation will be that all users not using SAML Single Sign On (SSO) update their passwords in the user profile.
Rally has been made aware of a vulnerability in OpenSSL and has been working to identify the overall impact to Rally services. At this point we can say that the main Production Rally application endpoints were not vulnerable to this issue. There were a few endpoints (outside of the main Rally application) that were vulnerable and they have all been updated. Rally takes the security of our products seriously and is committed to providing a secure environment to its customers.
All times local ( )