Apache Log4j2 Resource Hub

This hub provides quick and convenient access to resources that will help you understand and address the Apache Log4j2 vulnerability.

Resources include:

  • An advisory statement from Brian Wrozek (Optiv CISO)
  • A detailed recommendations and findings document from our Global Threat Intelligence Center (GTIC)
  • A list of Log4j vulnerable vendors
  • Optiv’s Flash Panel featuring four of our thought leaders discussing the Apache Log4j2 issue, providing context, deep insights and guidance
  • An easy-to-use infographic checklist of what steps to take

It’s our mission to provide help in any way we can during this impactful event. If you need further assistance or have any questions, please contact us at info@optiv.com.

Advisory Statement from Brian Wrozek (Optiv CISO)

Optiv is aware of a recently disclosed zero-day Apache Log4j2 vulnerability (CVE-2021-44228). Immediately upon learning of this vulnerability, Optiv reviewed our environment for impacted systems. We then followed our vulnerability management procedures to deploy recommended countermeasures, including the necessary patches, where available, to affected systems. We also conducted threat hunting analysis to look for suspicious, malicious activity.

Based on the current evidence, we do not believe that any Optiv information or client information, related to services provided by Optiv, was impacted by this event. We will continue to monitor the situation and deploy additional countermeasures, controls and patches when they become available. If Optiv becomes aware of any incidents related to CVE-2021-44228 which affect our clients or their data, we will notify impacted customers without delay.

Optiv delivers strategic and technical expertise to more than 7,000 organizations across every major industry. We take into account the diverse range of security strategy, planning, risk management, threat modeling, monitoring, operations, governance and controls to ensure that our environment remains secured and protected appropriately. Specifically, we receive regular threat feeds from multiple credible sources and a dedicated team performs due diligence to review, analyze and monitor relevant indicators of compromise (IOCs) on an ongoing basis. Additionally, we perform internal and external security assessments regularly to ensure that gaps, if any, are remediated in a timely manner. Lastly, we work with an independent third party annually to obtain a comprehensive due diligence packet that includes a SOC2 Type II attestation as well as assessments such as the SIG questionnaire and a PCI-DSS SAQ-D, amongst others.

Optiv is committed to securing our environment and protecting our clients. For more information about this vulnerability, please see Optiv’s Global Threat Intelligence Center (GTIC) Advisory and list of Log4j vulnerable vendors.

We will continue to monitor the situation and provide further resources and updates.

– Brian Wrozek, Optiv CISO
