Discovered on December 9, 2021, the log4Shell vulnerability is one of the most talked-about vulnerabilities in computing. Because simple text can be used to take control of a device and download anything that is Internet-accessible, companies are taking it seriously. As they should – log4Shell has the maximum CVSS score of 10 (CVSS, Common Vulnerability Scoring System, is an industry-standard for ranking vulnerabilities).
The threat is real, and so is the hunt for information – a Google search turns up almost 4 million results. It’s likely that every enterprise is impacted at some level, and most teams have taken the obvious steps to protect themselves.
But given that most global enterprises have hundreds of devices that have simply been forgotten – it’s very likely that there are entry points lurking unbeknownst in your network.
One of our customers, a global enterprise with 20 data centers and hundreds of thousands of devices, ran a scan to detect vulnerable devices. The scan turned up a vulnerable host, but the team didn’t know its physical location. When your network spans the globe, trying to find one IP address is like flying into a city trying to find one person by going door to door. It’s not a task many people would want, but the company needed to locate and remediate the host.
The security leader responsible for remediation didn’t have weeks to track this device down. Instead, he ran a simple search in Forward Enterprise that located the device in seconds. It was a ghost server in a lab that everyone thought was decommissioned.
Rather than being vulnerable for weeks and spending countless hours trying to track the device down, they identified the problem, located the device, and powered it down the same day – and they were able to do all of this in a “self-service” fashion because the Forward interface is easy to use and understand.
In addition to the saved hours – they know with mathematical certainty that the vulnerability is remediated and they are no longer at risk.
Learn more about how Forward Enterprise can help your security operations team remediate log4Shell by reading the use case.
Or, if you have no time to waste (and who does?), request a demo and we’ll show you exactly how we can help in your situation.