all InfoSec news
Log4 detection by enterprise tools
Jan. 16, 2022, 1:31 p.m. | /u/ChipmunkDue2816
cybersecurity www.reddit.com
Hi all, just wondering how enterprise VM tools as such Tenable, Rapid7 or Qualys are dealing with the log4 detection and remediation.
According to users none of them are able to detect the workaround (e.g.: remove the java class from to the jar file) applied in a host but only if vulnerable log4j is present in a directory.
For those which are using those tools, are you able to confirm it? Thank you!
P.s.: I am not considering remote scans …
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Database Security Engineer, Assistant Vice President
@ MUFG | Tampa - 4050 West Boy Scout Blvd.
Senior IR & SecOps Engineer
@ JFrog | Tel Aviv
Consultant ITSCM / IT-Notfallmanagement (m/w/d)
@ Schwarz Gruppe | Berlin, DE
Freelancer Auditor Information Security - ISO 27001 - Netherlands
@ LRQA | Rotterdam, NL
GG9b-Assoc Eng II, Services
@ HARMAN International | IN Bengaluru EOIZ Indust Area Campus HCS