Discovering Log4J vulnerable applications with CSAT or Microsoft Defender

In the week of December 6th, a critical vulnerability was discovered in Apache Log4J, which is a logging tool used in many Java-based applications. This vulnerability makes it possible for an attacker to remotely exploit this vulnerability and to gain access to the environment. This critical issue requires immediate action.

Many organizations struggle to find out if they use (potentially) vulnerable applications. We are providing a way to check for vulnerabilities using our Cyber Security Assessment Tool (CSAT). With CSAT you can run a scan on your endpoints to figure out which applications in your environment are listed in the overview provided by the National Cyber Security Center in The Netherlands. The NCSC-NL maintains a list of all known vulnerable and not vulnerable software.

All the software applications which are not 100% safe are listed. Be aware, the list is dynamic and continually changing. It provides insights into the currently known vulnerable and not vulnerable applications. As Log4J is a recent vulnerability it is not yet clear what the extent of the vulnerability is, we recommend checking updates on the NCSC-NL list daily.

Discover Log4J vulnerabilities with CSAT

To quickly gain insight in your application landscape which applications are vulnerable and require your attention, you can use QS solutions’ CSAT. CSAT is used by more than 3000 organizations around the world to conduct periodical cybersecurity assessments, to define cybersecurity strategies and action plans. Due to a quick response from our Cybersecurity Engineers, we can provide you with a list of vulnerable applications in your IT infrastructure by running a scan on your servers and workstations. From there, you can plan the right remediation strategy.

While remediating the Log4J issues, we can immediately support you in parallel by creating a plan of approach to improve your overall cybersecurity posture. Want to know more about the comprehensive cybersecurity assessment? Check out our services page.

Discover Log4J vulnerabilities via Microsoft Defender

Organizations using Microsoft Defender for Cloud and/or Defender for Endpoint can also use this solution to immediately begin investigations. Microsoft already expanded their threat detection capabilities to ensure they are surfacing exploitation of CVE-2021-44228 in several relevant security alerts. Microsoft published a post on their Tech Community with instruction to discover the Log4J vulnerabilities via its Defender products. Check out their post here.

Start your remediations now!

Need help to get insight if and how vulnerable your organization is against the Log4J issue? We offer quick services to discover your Log4J vulnerable applications. Register below and we will contact you as soon as possible to help you detect and protect against this recent cybersecurity risk.