![]() ![]() Newly vulnerable 3rd party software. Organizations may lack insight into certain applications, such as Software as a Service (SaaS) solutions and other cloud resources. ![]() High fidelity scanning. Consider using file system scanning scripts to identify vulnerable Log4j files or use vulnerability scanners that leverage file scanning.This should include scanning (network and host) and comparing installed software with software listed in CISA’s Log4j vulnerable software database. Continuous enumeration and analysis: Organizations need to perform comprehensive analysis to fully enumerate all Log4J vulnerabilities.For long term mitigation, ensure the prevalence of log4j in all assets is considered and accounted for, including internally developed software and non-internet facing technology stacks. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |