Industry experts are naming Log4j one of the most severe internet and computer vulnerabilities they have encountered. The United States Cyber Security and Infrastructure Security Agency (CISA) Director stated that the Log4j vulnerability: “…is one of the most serious I’ve seen in my entire career, if not the most serious.”
Log4j is the perfect storm of severity, pervasiveness, and ease of exploitability. It is an open-source code library widely used inside commercial and open-source software applications. The recently discovered vulnerability allows hackers to take complete control of affected endpoints with a single line of code. As a result, finding and fixing every single instance of Log4j and applications that rely on it is critical for corporate networks.
The key to finding all instances of Log4j is the ability to look inside every file in a corporate network and Tanium is the only solution that, in minutes, can look inside every file, and find every instance of Log4j, at scale today.
Tanium is supporting organizations globally in the eradication of Log4j vulnerabilities. The Tanium Platform uniquely enables organizations to manage their exposure by:
- Looking inside nested archive folders and files for vulnerabilities
- Finding references to Log4j even if they were renamed (maliciously or by design)
- Automating software upgrades and patches at scale to all vulnerable systems
- Watching, alerting, and remediating any new instance of the vulnerability that is inadvertently introduced post-cleanup
Ring Power Corp. was able to scan every file and folder and find every single instance of Log4j with their entire environment in only minutes. “Tanium Reveal has been critical to us in responding to Log4j. Nobody else was able to search for references to the impacted library in common file formats and detect instances of exploitation. With Tanium, we accomplished in 30 minutes what would have taken months.” – Kevin Bush, VP of IT at Ring Power Corp.
Salisbury University stated “We saw first-hand the strength of Tanium during the Log4j vulnerability crisis. Tanium made us aware of many endpoints that were vulnerable to Log4j through user-installed tools and applications that we weren’t aware of.” – Steven Blankenship, Director of IT
For more such updates follow us on Google News ITsecuritywire News
