How to Detect and Defeat the Log4j2 Vulnerability With Deepfence

Introduction to log4j2 Mitigation

The log4j2 vulnerability, like the OpenSSL Heartbleed and Apache Struts vulnerabilities that came before it, is a poignant reminder to digital businesses that it is not enough to respond to a vulnerability by redeploying applications once a patch is available: you also have to be able to discover instances of the vulnerability being exploited in your production platform in real time, and stop them. In this tutorial, we’ll show you how to use Deepfence ThreatMapper and ThreatStryker to do just that.

Deepfence ThreatMapper is an open-source security observability platform that hunts for vulnerabilities – including log4j2 – in production applications across containers, Kubernetes, clouds, serverless environments, VMs, and bare metal, and then ranks them by their risk of exploit. ThreatMapper eliminates the noise and false positives generated by scanning tools by further calculating the risk of exploit for each of these vulnerabilities, so that you can target the issues that present the greatest risk to the security of your applications.

Visualize Attack Paths in Production Environments With ThreatMapper

The huge advances in 'Shift Left' processes make it possible to deliver code to production that is secure and largely free from vulnerable dependencies. Among other things, these processes typically involve matching dependencies against public vulnerability lists from MITRE, Red Hat, Debian, and other projects.
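To make the dependency-matching step concrete, here is an added example (not ThreatMapper code) that checks a scanned dependency inventory against a list of advisories with version ranges. The inventory, the advisory ids and the version boundaries are constructed sample data; the point is that matching must order pre-release versions such as `2.0-beta9` correctly, or a vulnerable artifact slips through.

```python
"""Match application dependencies against a vulnerability list.

Added example, not Deepfence / ThreatMapper code. The inventory and the
advisory list are constructed sample data; advisory ids are placeholders,
not real CVE numbers.
"""
import re
from typing import List, Tuple

# Constructed advisories: (package, first vulnerable, first fixed, id).
# A dependency is affected when first_vuln <= version < first_fixed.
ADVISORIES = [
    ("org.apache.logging.log4j:log4j-core", "2.0-beta9", "2.15.0", "ADV-EXAMPLE-1"),
    ("org.apache.logging.log4j:log4j-core", "2.15.0", "2.16.0", "ADV-EXAMPLE-2"),
]

# Constructed inventory, as a dependency scanner would emit it.
INVENTORY = [
    ("org.apache.logging.log4j:log4j-core", "2.14.1"),
    ("org.apache.logging.log4j:log4j-core", "2.15.0"),
    ("org.apache.logging.log4j:log4j-core", "2.17.1"),
    ("org.apache.logging.log4j:log4j-api", "2.14.1"),
    ("org.apache.logging.log4j:log4j-core", "2.0-beta7"),
]

def version_key(version: str) -> Tuple:
    """Sortable key: three numeric parts, then a release/pre-release marker.

    A final release sorts above any pre-release of the same numbers, and
    pre-releases sort by tag name and then tag number (beta7 < beta9).
    """
    main, _, pre = version.partition("-")
    nums = tuple(int(p) for p in main.split("."))
    nums = nums + (0,) * (3 - len(nums))          # pad so tuples compare cleanly
    if not pre:
        return nums + ((1, "", 0),)               # final release
    m = re.match(r"([a-zA-Z]+)(\d*)", pre)
    return nums + ((0, m.group(1).lower(), int(m.group(2) or 0)),)

def find_affected(inventory, advisories) -> List[Tuple[str, str, str]]:
    """Return (package, version, advisory_id) for every vulnerable dependency."""
    hits = []
    for pkg, ver in inventory:
        v = version_key(ver)
        for adv_pkg, first_vuln, first_fixed, adv_id in advisories:
            if pkg == adv_pkg and version_key(first_vuln) <= v < version_key(first_fixed):
                hits.append((pkg, ver, adv_id))
    return hits

if __name__ == "__main__":
    for hit in find_affected(INVENTORY, ADVISORIES):
        print("AFFECTED %s %s -> %s" % hit)
```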

'Shift Left' Scanning Alone Does Not Go Far Enough to Identify Production Vulnerabilities

Vulnerability lists don’t stand still. CVEs are published through the NVD at a rate of about 50 per day, so the risk of a new vulnerability being found in production is significant. Furthermore, third-party production components may not be scanned in a way that is as rigorous or up-to-date as you would like.