Industry experts are naming Log4j one of the most severe internet and computer vulnerabilities they have encountered. The United States Cyber Security and Infrastructure Security Agency (CISA) Director stated that the vulnerability: “…is one of the most serious I’ve seen in my entire career, if not the most serious.”
Log4j is the perfect storm of severity, pervasiveness, and ease of exploitability. It is an open-source code library widely used inside commercial and open-source software applications. The recently discovered vulnerability allows hackers to take complete control of affected endpoints with a single line of code. As a result, finding and fixing every single instance of Log4j and applications that rely on it is critical for corporate networks.
The key to finding all instances is the ability to look inside every file in a corporate network and Tanium is the only solution that, in minutes, can look inside every file, and find every instance of Log4j, at scale today.
Tanium is supporting organizations globally in the eradication of Log4j vulnerabilities. The Tanium Platform uniquely enables organizations to manage their exposure by:
- Looking inside nested archive folders and files for vulnerabilities
- Finding references to Log4j even if they were renamed (maliciously or by design)
- Automating software upgrades and patches at scale to all vulnerable systems
- Watching, alerting, and remediating any new instance of the vulnerability that is inadvertently introduced post-cleanup
To set up a Tanium evaluation of your environment for the Log4j vulnerability, please contact us at https://www.tanium.com/
Image licensed by unsplash.com