Log4Shell Remediation
The client had an unknown level of exposure to the Log4Shell zero-day vulnerability, which represented an unacceptable level of risk to the organization.
Project Information
How this Project works
Hale Consulting Solutions LLC was engaged on this effort to assist with the following:
Identify Vulnerable Assets
A variety of vulnerability and attack surface evaluation tools were used to identify applications and assets with vulnerable versions of Log4J installed. These tools included Nexpose, Qualys, Tenable, Xpanse and custom client-developed applications.
We combined the scan results with vendor-reported vulnerabilities to compile an inventory of vulnerable assets and applications, prioritized based on exposure (external vs. internal), criticality and volume.
Remediate Identified Vulnerabilities
Using this prioritized inventory of vulnerable applications and assets, we were able to work with the application and system owners and support teams to remediate the vulnerabilities using a variety of approaches:
- System (OS) patching where applicable
- Application patching where available
- Disabling and/or removal of Log4J components
- Other vendor recommended mitigations where available
Keeping Executives Informed
Throughout the effort, we maintained an intranet site (Google Sites) providing daily reporting on the number of vulnerabilities discovered, the number of vulnerabilities remediated, and any issues or requests for escalation.
Project Result & Benefits of Project
- 100% Remediation of externally exposed vulnerabilities
- 100% Remediation of vulnerabilities on critical (Tier 0 & Tier 1) assets and applications
- 98% Remediation of vulnerabilities on non-critical assets and applications
Cybersecurity company Tenable called the Log4Shell exploit "the single biggest, most critical vulnerability ever", Ars Technica called it "arguably the most severe vulnerability ever" and The Washington Post said that descriptions by security professionals "border on the apocalyptic".