Prism Platform is helping clients identify and address systems affected by the recent Log4j vulnerability (CVE-2021-44228).
Log4j is a popular product from Apache, which is used by millions of people to log requests for Java applications. Last week, a serious security vulnerability was found in the product that could allow attackers to remotely control affected servers.
The Rootshell team have taken swift action to help clients manage the risk posed by the vulnerability.
Fast Log4j analysis with Prism Platform
Moments after the Log4j flaw was identified, vulnerable Prism users were recommended to review their data in the platform via email.
As a central place to consolidate results from vulnerability scans and penetration tests, Prism provides the ability to easily analyse data to determine affected systems. This is a huge time saver for clients, who would otherwise need to sift through their vulnerability data in ticketing systems, PDF reports, or spreadsheets.
If a client identifies an affected system, they can utilise the platform to take remedial action fast and efficiently, such as tagging issues that could be vulnerable to the Log4j vulnerability and assigning issues to colleagues.
Industry-Leading Managed Vulnerability Scanning
Proactive Log4j-specific scans for Rootshell’s Managed Vulnerability Scanning (MVS) clients were undertaken shortly after the exploit was announced. Clients can rest assured that the team will continue to assess and mitigate risk on their behalf.
Rootshell’s MVS clients have a Premium Prism licence included with their service, so can benefit from receiving and managing their results within the platform.
Free reviews for Prism users
The Rootshell team are offering free reviews of data within Prism Platform to all users. These reviews will help identify any systems that could be at risk, allowing us to recommend if further investigation is required.
Get in touch to find out more about how our services can support you.