Log4j2 Vulnerability Mitigation at ThreatX

PUBLISHED ON December 13, 2021
LAST UPDATED January 13, 2022

On December 9, 2021, a vulnerability was reported in Log4j2, an open source tool widely used by developers within Java applications. If exploited, the vulnerability – CVE-2021-44228 – could allow an attacker to perform remote code execution (RCE) on a vulnerable system.  

When the Log4j2 vulnerability was reported, ThreatX immediately began implementing and testing rules to block CVE-2021-44228 attacks against our customers. Since then, we have continued to monitor for Log4j2 attacks and have implemented mitigation measures to protect our customers. The ThreatX platform itself does not use Log4j and is not at risk.

For ThreatX customers, our Attacker-Centric Behavioral Analytics is a critical part of mitigating the Log4j2 threat. Since this attack can be launched in a variety of ways, signature-based defenses will fall short. By monitoring and detecting suspicious behavior over time, ThreatX has identified many versions of the attack and enabled our customers to defend potentially vulnerable servers.

ThreatX is committed to helping our customers defend against attacks on their web applications and APIs. To this end, the ThreatX Security Operations Center is continually monitoring for new vulnerabilities such as the one in Log4j2. As these are uncovered, we will ensure measures are in place that enable the ThreatX platform to protect our customers. In addition, ThreatX recommends all companies perform regular vulnerability scanning and monitor for suspicious behavior that might point to a compromise. Customers with specific questions may contact us at support@threatX.com.

Get instant Log4j2 mitigation and protection, kick off a 30 day free trial.

Tags

About the Author

Bret Settle

Bret has served in multiple executive roles for Corporate Express/Staples and BMC Software and has extensive knowledge of the software development and security products industries. Bret has been responsible for enterprise security in multiple roles and has been an innovator throughout his career and has a proven track record of building and developing high performing organizations and dynamic cyber security teams.