UNCOVER LOG4J AND LONG4J VULNERABILITIES IN YOUR DIGITAL SUPPLY CHAIN

 

NO-COST SUPPLY CHAIN RISK ASSESSMENT

You may have patched your infrastructure for Log4j, but third-party calls to libraries and services could still leave you vulnerable to exploits such as LoNg4J.


This reality requires IT security teams to consider the entire digital supply chain during their remediation efforts. Best-practice recommendations to identify hidden Log4j components in your application partners include:


  • Expanding your testing parameters to include third-party targets
  • Monitor outbound DNS requests 
  • Use multiple detection methods and approaches
  • Test for longer durations to accommodate operations such as log analysis, event correlation, third-party redirects and new exploits such as LoNg4j
  • ZERO footprint - No software, sensors, redirects or configuration changes required


Looking to determine the impact of Log4j and LoNg4j on your digital supply chain?


Fill out the form and get a no-cost assessment that gives you an attacker's view from the outside in to evaluate risk.

 

Request FREE Assessment

 
//This script prevents Marketo form submission if a user enters non-business email (Gmail, Hotmail, Yahoo, etc.) //It will work on any page with a Marketo form, and runs when the form is ready //For further info, please see Marketo form documentation, http://developers.marketo.com/documentation/websites/forms-2-0/ //Prepared by Ian Taylor and Murtza Manzur on 9/9/2014