Overview

• The Sept. 5 assessment by CTO authorizing official Gabriele Chiulli warned the system could allow persistent, undetectable adversary access.
• Findings included unrestricted data access for any authorized user, no activity logging, and high-severity vulnerabilities in multiple third-party applications.
• Palantir said no vulnerabilities were found in its platform, while Anduril said the report reflects an outdated state and that issues were addressed.
• Army CIO Leo Garciga said most problems were resolved within days or weeks, noted one application still needs work, and said Palantir’s Federal Cloud could receive continuous ATO approval next week.
• Publication of the memo coincided with a roughly 7.5% drop in Palantir’s shares on Friday as NGC2 prototype testing and live-fire exercises continued.