Microsoft Updates Log4j Directive- Gurucul Comments

Free Services to help you during COVID-19 Learn More

Support Request a Demo Contact Us Blog
Informationsecuritybuzz

ISBuzz Staff | informationsecuritybuzz.com »

The Microsoft 365 Defender Threat Intelligence Team and the Microsoft Threat Intelligence Center (MSTIC) has issued a new update to the December 11th guidance for preventing, detecting and hunting for exploitation of the Log4j vulnerability. The MSTIC has encourage Windows and Azure users to remain vigilant after observing the Log4j flaw through December. An expert from Gurucul has provided perspective.

EXPERTS COMMENTS
Saryu Nayyar

| January 05, 2022

Saryu Nayyar, CEO, Gurucul

The Log4j vulnerability continues to be one of the largest and most serious security problems in recent years that attackers continue to exploit despite its disclosure. The challenge is the widespread use of this open-source library and the difficulty in detecting its execution when it can be so deeply embedded down the software stack. Relying on traditional indicators of compromise or pattern matching is insufficient. Analyzing and controlling access to specific applications based on identity along with detection of anomalous behaviors to unearth this somewhat hidden vulnerability can more rapidly provide security teams with identification and prioritization of response actions.

 

Log4j Directive

Log4j Directive
External Link: Microsoft Updates Log4j Directive- Gurucul Comments

Share this page:

Related Posts