Kirkland, WA, United States: <p>Industry experts are naming Log4j one of the most severe internet and computer vulnerabilities they have encountered. The United States Cyber Security and Infrastructure Security Agency (CISA) Director stated that the Log4j vulnerability: “…is <a rel="nofollow noopener" target="_blank" href="https://cts.businesswire.com/ct/CT?id=smartlink&url=https%3A%2F%2Fwww.youtube.com%2Fwatch%3Fv%3DXC3Oqn_yADk&esheet=52559142&newsitemid=20220106005859&lan=en-US&anchor=one+of+the+most+serious+I%26%238217%3Bve+seen+in+my+entire+career%2C+if+not+the+most+serious.%26%238221%3B&index=1&md5=5e90964bc3c85ba3d293f39e56b83a33" shape="rect">one of the most serious I’ve seen in my entire career, if not the most serious.”</a></p>
Log4j is the perfect storm of severity, pervasiveness, and ease of exploitability. It is an open-source code library widely used inside commercial and open-source software applications. The recently discovered vulnerability allows hackers to take complete control of affected endpoints with a single line of code. As a result, finding and fixing every single instance of Log4j and applications that rely on it is critical for corporate networks.
The key to finding all instances of Log4j is the ability to look inside every file in a corporate network and Tanium is the only solution that, in minutes, can look inside every file, and find every instance of Log4j, at scale today.
Tanium is supporting organizations globally in the eradication of Log4j vulnerabilities. The Tanium Platform uniquely enables organizations to manage their exposure by:
Looking inside nested archive folders and files for vulnerabilities
Finding references to Log4j even if they were renamed (maliciously or by design)
Automating software upgrades and patches at scale to all vulnerable systems
Watching, alerting, and remediating any new instance of the vulnerability that is inadvertently introduced post-cleanup
Ring Power Corp. was able to scan every file and folder and find every single instance of Log4j with their entire environment in only minutes. “Tanium Reveal has been critical to us in responding to Log4j. Nobody else was able to search for references to the impacted library in common file formats and detect instances of exploitation. With Tanium, we accomplished in 30 minutes what would have taken months.” – Kevin Bush, VP of IT at Ring Power Corp.
Salisbury University stated “We saw first-hand the strength of Tanium during the Log4j vulnerability crisis. Tanium made us aware of many endpoints that were vulnerable to Log4j through user-installed tools and applications that we weren’t aware of.” – Steven Blankenship, Director of IT
To set up a Tanium evaluation of your environment for the Log4j vulnerability, please contact us at https://www.tanium.com/log4j/.
Tanium is the platform that the most demanding and complex organizations trust to gain visibility and control across all endpoints in on-premises, cloud and hybrid environments. Tanium addresses today’s increasing IT challenges with high fidelity endpoint data — giving IT operations, security and risk teams confidence to quickly manage, secure and protect their networks at scale. Nearly half of the Fortune 100, top retailers and financial institutions, and multiple branches of the U.S. Armed Forces trust Tanium to help see and control every endpoint, everywhere. That’s the power of certainty. Tanium has been named to the Forbes Cloud 100 list of “Top 100 Private Companies in Cloud Computing” for six consecutive years and ranks on FORTUNE’s list of the “Best Large Workplaces in Technology 2021.” Visitwww.tanium.com and follow us on LinkedIn and Twitter.