An Update On Yesterday’s Auth0 Outage Impacting DNSFilter Customer Logins

by Ken Carnesi on Apr 21, 2021 12:00:00 AM

On Tuesday, April 20th at approximately 16:00 UTC, we began to receive tickets from users stating they were unable to log into the DNSFilter dashboard. At the same time, our API monitors indicated that there were similar issues with the authentication API for DNSFilter.

The investigation immediately uncovered that our authentication provider, Auth0, was having a major outage in their primary (US-1) data center. This outage was not only affecting DNSFilter, but also a large portion of the other 9,000 enterprises that rely on Auth0. The outage immediately triggered our incident response process, and at 16:09 UTC we posted a message to our status page indicating that we were working on the issue and that DNS resolution was not affected in any way; only the ability to log in to the dashboard.

Unfortunately, the message posted to our status page did not make clear that Auth0 was the cause of the outage and could have been more clear that there was nothing to worry about, as analytics, threat blocking, content filtering, etc. were all still fully operational. ‍

Additionally, throughout this time, the DNSFilter support and infrastructure teams maintained the ability to pull data or make network changes on behalf of customers with an urgent need. I want to confirm that at no time were DNSFilter systems impacted. No networks were affected and there was zero downtime, loss of data, or reduction in threat protection for any DNSFilter customer.

That being said, we'd like you to know that we take this incident seriously. Auth0 was chosen as our authentication provider in an effort to provide industry-leading security and privacy for our users. Although DNSFilter has never experienced any downtime from Auth0 in more than five years of use, this incident has highlighted the necessity for us to build clearer customer communications and have a solid run book should an incident of this nature happen again, just as we do with any other critical aspect of our infrastructure.

As of this post Auth0 reports complete restoration of availability and considers the issue resolved.

Please accept our sincere apologies for any concern or frustration for miscommunication around this issue. We are fully committed to learning from this incident and continuing to provide innovative technology that challenges the way the industry thinks about DNS security.

Sincerely,

Ken Carnesi
Founder & CEO

Topics: DNSFilter Updates

DNSFilter and Zorus: What's Next? The Integration Roadmap

Before I dive into the integration roadmap, I want to introduce myself. You might know me as the CEO of Zorus, but since the acquisition of Zorus by DNSFilter, I am now the Chief Product Officer at DNSFilter.

Artificial General Intelligence (AGI) and the Future of Cybersecurity

Artificial intelligence (AI) is making rapid progress in areas once thought uniquely human. AI's role in the arts raises questions around authorship and copyright, while AI-based companions offer empathetic connections that impact mental health and trust.

Domain Generation Algorithms: The Cybersecurity Arms Race at the DNS Layer

Imagine this: Your firewall is blocking thousands of threats every single day. Your endpoint protection is flagging suspicious files left and right. On paper, your defenses look bulletproof. But somewhere, quietly and invisibly, malware is slipping through the cracks—using a tactic so clever it’s practically hiding in plain sight.