
URL: https://blog.securityhive.nl/security-info/securityhive-informs-log4j-vulnerable-customers-using-threat-intelligence/

SECURITYHIVE INFORMS LOG4J-VULNERABLE CUSTOMERS USING THREAT INTELLIGENCE

14 December 2021, 17 December 2021. Posted in Security info, Threat Intelligence


Dutch cyber security vendor SecurityHive managed to inform Log4j-vulnerable
customers around the world on the same day as the exploit, without extra scans.
Due to our vision, SecurityHive developed several features to make this happen.




ABOUT LOG4J

Apache Log4j is a Java-based logging utility originally written by Ceki Gülcü.
It is part of Apache Logging Services, a project of the Apache Software
Foundation. Log4j is one of several Java logging frameworks. Log4j is an
integral part of the core of many software solutions available for both
enterprises and small businesses. Almost every company uses a solution that
uses Log4j.


THE VULNERABILITY

New highly critical vulnerabilities appear every day. To check an IT environment
for those vulnerabilities, SecurityHive developed a Vulnerability Management
solution. Organizations that have Vulnerability Management built into their
daily processes can check for new vulnerabilities automatically.

But with the Java Log4j vulnerability, which affects UniFi, Apple, Minecraft,
and many others, it’s different. The list of vulnerable applications is growing
and will be updated in the following days by the National Cyber Security Center
(NCSC). This means that you may not be known as vulnerable today, but tomorrow
you can be. SecurityHive found a way to research all its customers around the
world and figure out who is vulnerable and who is not, on the same day this
vulnerability became known. Without extra scans.

Follow the latest updates regarding vulnerable applications here:
https://github.com/NCSC-NL/log4shell/tree/main/software.




VENDOR STATEMENT

The SecurityHive software that customers use is not vulnerable to the Log4j
vulnerability, since we are not using Log4j in our solutions. SecurityHive does
use solutions in its infrastructure that in turn use Log4j, but SecurityHive
was not found to be vulnerable. We are actively monitoring any changes on this
subject and have taken preventive measures.


HOW DID SECURITYHIVE MANAGE THIS?

SecurityHive didn’t wait for the databases to be updated, but used a built-in
feature instead. Here’s our way of working:

 1. Asset Management, a feature of SecurityHive’s Vulnerability Management
    solution, recognizes all applications. These applications are still known
    once a new vulnerability appears. There are no extra scans necessary to move
    on.
 2. The list of vulnerable applications is what SecurityHive continuously
    monitors.
 3. All customers using vulnerable applications are separated from the others
    (for messaging purposes).
 4. All customers received a message with the latest update regarding the Log4j
    vulnerability, for their information.
 5. The vulnerable customers received an extra message that included advice on
    how to respond.
 6. Customers using newly known-vulnerable applications receive a message once
    they are vulnerable too.
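
The matching in steps 1 to 6 can be sketched as follows. This is an added example, not SecurityHive's code: the `Asset` model, the function names, the message labels and the sample inventory and list snapshots are all constructed for illustration.

```python
# Added illustration; hypothetical data model, constructed sample data.
from dataclasses import dataclass

def norm(name: str) -> str:
    """Normalise a product name so case and spacing do not block a match."""
    return " ".join(name.lower().split())

@dataclass(frozen=True)
class Asset:
    customer: str
    host: str
    product: str

def affected(inventory, vulnerable_products):
    """Map customer -> sorted (host, product) pairs found on the list."""
    vuln = {norm(p) for p in vulnerable_products}
    hits = {}
    for a in inventory:
        if norm(a.product) in vuln:
            hits.setdefault(a.customer, set()).add((a.host, a.product))
    return {c: sorted(h) for c, h in hits.items()}

def plan_messages(inventory, vulnerable_products, already_warned=frozenset()):
    """Steps 3-6: every customer gets the general update; a customer gets the
    advisory only for matches it has not been warned about before."""
    hits = affected(inventory, vulnerable_products)
    plan = {c: ["general-update"] for c in sorted({a.customer for a in inventory})}
    warned = set(already_warned)
    for c, pairs in hits.items():
        new = [(h, p) for h, p in pairs if (c, norm(p)) not in warned]
        if new:
            plan[c].append("advisory")
            warned.update((c, norm(p)) for _, p in new)
    return plan, frozenset(warned)

# Constructed inventory: stored results of earlier scans, no rescan needed.
INVENTORY = [
    Asset("acme", "ctrl01", "UniFi Network Application"),
    Asset("acme", "web01", "nginx"),
    Asset("globex", "mc01", "Minecraft Java Edition"),
    Asset("initech", "db01", "PostgreSQL"),
]
LIST_DAY1 = ["unifi network application"]           # first list snapshot
LIST_DAY2 = LIST_DAY1 + ["Minecraft  Java Edition"]  # list grows a day later

if __name__ == "__main__":
    plan1, warned = plan_messages(INVENTORY, LIST_DAY1)
    plan2, warned = plan_messages(INVENTORY, LIST_DAY2, warned)
    print(plan1, plan2, sep="\n")
```

Exact name matching after normalisation is the simplest possible rule; a real inventory would also need version ranges and vendor aliases to avoid missed or false matches.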




FUTURE OF THREAT INTELLIGENCE

SecurityHive expects this way of working to become standard in the future. It’s
important that customers can respond fast to new high risks.

This means knowledge of emerging threats is very important for taking further
action. SecurityHive’s globally distributed Honeypot network contains several
sensors alerting SecurityHive’s SOC about new threats. These findings will be
applied to improve the scan coverage of its Network Vulnerability Scanner.

Want to know more about SecurityHive or get in touch with one of our experts?
Visit: www.securityhive.nl.

