Apache Log4j2 Resource Hub

This hub is intended to provide quick and convenient access to resources that will help you understand and address Apache Log4j2.

 

Resources include:

 

  • An advisory statement from Brian Wrozek (Optiv CISO)
  • A detailed recommendations and findings document from our Global Threat Intelligence Center (GTIC)
  • A list of Log4j vulnerable vendors
  • Optiv’s Flash Panel featuring four of our thought leaders discussing the Apache Log4j2 issue, providing context, deep insights and guidance
  • An easy-to-use infographic checklist of what steps to take

 

It’s our mission to provide help in any way we can during this impactful event. If you need further assistance or have any questions, please contact us at info@optiv.com.

Advisory Statement from Brian Wrozek (Optiv CISO)

Optiv is aware of a recently disclosed zero-day Apache Log4j2 vulnerability (CVE-2021-44228). Immediately upon learning of this vulnerability, Optiv reviewed our environment for impacted systems. We then followed our vulnerability management procedures to deploy recommended countermeasures, including the necessary patches, where available, to affected systems. We also conducted threat hunting analysis to look for suspicious, malicious activity.

 

Based on the current evidence, we do not believe that any Optiv information or client information, related to services provided by Optiv, was impacted by this event. We will continue to monitor the situation and deploy additional countermeasures, controls and patches when they become available. If Optiv becomes aware of any incidents related to CVE-2021-44228 which affect our clients or their data, we will notify impacted customers without delay.

 

Optiv delivers strategic and technical expertise to more than 7,000 organizations across every major industry.  We take into account the diverse range of security strategy, planning, risk management, threat modeling, monitoring, operations, governance and controls to ensure that our environment remains secured and protected appropriately. Specifically, we receive regular threat feeds from multiple credible sources and a dedicated team performs due diligence to review, analyze and monitor relevant indicators of compromise (IOCs) on an ongoing basis. Additionally, we perform internal and external security assessments regularly to ensure that gaps, if any, are remediated in a timely manner. Lastly, we work with an independent third party annually to obtain a comprehensive due diligence packet that includes a SOC2 Type II attestation as well as assessments such as the SIG questionnaire and a PCI-DSS SAQ-D, amongst others.

 

Optiv is committed to securing our environment and protecting our clients. For more information about this vulnerability, please see Optiv’s Global Threat Intelligence Center (GTIC) Advisory and list of Log4j vulnerable vendors.

 

We will continue to monitor the situation and provide further resources and updates.

 

– Brian Wrozek, Optiv CISO

Speak to an Expert

 

Would you like to speak to an advisor?

How can we help you today?

Image
field-guide-cloud-list-image@2x.jpg
Cybersecurity Field Guide #13: A Practical Approach to Securing Your Cloud Transformation
Image
OptivCon
Register for an Upcoming OptivCon

Ready to speak to an Optiv expert to discuss your security needs?