Traceable AI, leader in API security, today announced that its free API security solution, released in August 2021, can be used to find and stop Log4j related attacks. Organizations can additionally use Traceable AI’s application topology map to see where they are vulnerable to better prioritize patching.
In the days following December 10, 2021, when a critical vulnerability known as Log4Shell was discovered in servers supporting the game Minecraft, threat actors have been making millions of exploit attempts of the Log4j 2 Java library. Organizations from all sectors across the globe have been struggling to protect themselves against the vulnerability since, with many still at unknown levels of risk.
“The Log4j vulnerability is extremely widespread and can affect enterprise applications, embedded systems and their sub-components,” according to Gartner®. “Cybersecurity leaders need to make identification and remediation of this vulnerability an absolute and immediate priority.” Further, it states, “This vulnerability and the attack patterns exploiting it are unlikely to subside for some time, so active vigilance will be important for at least the next 12 months.”
Traceable AI’s customers were well positioned to thwart attempted exploits on their systems due to Traceable AI’s sophisticated approach to application and API security.
“We brought in Traceable AI to mature our security posture. When the Log4j vulnerability hit, Traceable AI helped address the threat by immediately detecting and blocking attacks in progress. We are very happy to have prevented any negative impact to our business and I’m confident we’re prepared to block future variations of Log4j style exploits and maintain protection of our customers’ data,” said Mark Sost, VP of engineering at e-commerce company LeafLink.
Also Read: Strategies to Set up Kubernetes Continuous Compliance
The sudden impact of the Log4j vulnerability illustrates the need to anticipate black swan events that can rapidly unravel the security posture of any business or government agency. Organizations need to understand their application’s business logic and exposure to detect and block the sudden arrival of zero-day attacks, such as Log4j, before attackers have the chance to target and exploit mission-critical applications and data.
“It’s an unfortunate side effect of doing business in today’s world that every so often a vulnerability will arise that can have wide-spread impact. From the start at Traceable AI, we wanted to build a security platform that would weather the sudden arrival of globally disruptive exploits; ensuring our customers have the confidence of protection against those risks and unknown attacks before it impacts their business,” said Jyoti Bansal, CEO and Co-founder of Traceable AI.
Traceable AI provides comprehensive coverage for securing cloud native applications, both at the edge and from within the application, even when cybercriminals evade detection from traditional application security products.
“Traceable AI helped us rapidly identify Log4j vulnerabilities and blocked all the Log4j attacks coming at us. Its application topology map showed us where we were vulnerable and has helped us focus our remediation efforts.” said Natraj Choudhury, head of engineering at financial services provider Zolve.
For more such updates follow us on Google News ITsecuritywire News
