
LOG4J: Vulnerability Detection and Remediation

Get to the Point

This post is short and sweet because the information is already out there; we just want to point people to the collective resources without the "jump to the recipe" bloat. We are not going to reiterate what has already been published numerous times elsewhere on the interwebs. What we will reinforce is that this particular vulnerability has a very large blast radius. Its reach is going to be far and wide, so please perform the necessary due diligence.

That is easier said than done, so we are providing a couple of references. Arguably the most prevalent resource is the U.S. government's CISA GitHub repository for CVE-2021-44228. Leverage it for up-to-date guidance; they have done an excellent job of updating the content as new information becomes available.

CVE-2021-44228

Further, an organization may have software that uses Log4j but be unsure whether it is vulnerable, or be unsure whether its overall software bill of materials even includes the affected library. For this situation, leverage reputable Log4j detection tooling.

Local System Scanner

Fox-IT Log4j Local Scanner

Remote System Scanner

Fullhunt Log4j Remote Scanner

YARA Rules

Florian Roth Log4j YARA Rules
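To show what a local scanner such as the one linked above actually does, here is an added example (not the Fox-IT tool and not code from this post): it walks a directory, opens every jar/war/ear, and reports archives that bundle log4j-core by looking for the JndiLookup class and reading the version from Maven's pom.properties, recursing into archives nested inside archives. The fixture-building helpers construct tiny stand-in archives so the script runs offline; the 2.15.0 threshold used for the verdict is an assumption to confirm against the CISA guidance linked earlier.

```python
"""
Minimal local Log4j detector (added example; not the Fox-IT scanner).
Walks a directory, opens every .jar/.war/.ear/.zip, and reports archives that
bundle log4j-core by checking for JndiLookup.class and reading the version
from Maven's pom.properties. Nested archives (jars inside a WAR) are scanned too.
"""
import io
import os
import re
import zipfile
from dataclasses import dataclass
from typing import Iterator, List, Optional

# Marker paths found inside log4j-core 2.x jars.
JNDI_LOOKUP_CLASS = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_PROPERTIES = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_SUFFIXES = (".jar", ".war", ".ear", ".zip")
MAX_DEPTH = 4  # stop recursing into pathological archive-in-archive nesting

# Assumption for the verdict: 2.15.0 was the first log4j-core release that
# closed CVE-2021-44228. Confirm the current threshold against CISA guidance.
FIXED_VERSION = (2, 15, 0, True, "")


def parse_version(text: str) -> tuple:
    """'2.14.1' -> (2, 14, 1, True, ''); '2.0-beta9' sorts below the 2.0 release."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?(?:-(.+))?", text)
    if not m:
        return (0, 0, 0, False, "")
    major, minor, patch, tag = m.groups()
    return (int(major), int(minor), int(patch or 0), tag is None, tag or "")


@dataclass
class Finding:
    location: str            # file path; "!" separates nested archive levels
    version: Optional[str]   # version from pom.properties, if present
    has_jndi_lookup: bool    # JndiLookup.class still present in the archive

    @property
    def status(self) -> str:
        if not self.has_jndi_lookup:
            return "mitigated (JndiLookup.class removed)"
        if self.version is None:
            return "unknown version, JndiLookup.class present"
        return "vulnerable" if parse_version(self.version) < FIXED_VERSION else "patched"


def _scan_archive(data: bytes, location: str, depth: int = 0) -> Iterator[Finding]:
    """Yield a Finding if this archive carries log4j-core markers, then recurse."""
    if depth > MAX_DEPTH:
        return
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return  # not a zip container (or corrupt); skip silently
    with zf:
        names = set(zf.namelist())
        if JNDI_LOOKUP_CLASS in names or POM_PROPERTIES in names:
            version = None
            if POM_PROPERTIES in names:
                for line in zf.read(POM_PROPERTIES).decode("utf-8", "replace").splitlines():
                    if line.startswith("version="):
                        version = line.split("=", 1)[1].strip()
            yield Finding(location, version, JNDI_LOOKUP_CLASS in names)
        for name in sorted(names):  # e.g. WEB-INF/lib/*.jar inside a WAR
            if name.lower().endswith(ARCHIVE_SUFFIXES):
                yield from _scan_archive(zf.read(name), f"{location}!{name}", depth + 1)


def scan_bytes(data: bytes, location: str = "<memory>") -> List[Finding]:
    return list(_scan_archive(data, location))


def scan_path(root: str) -> List[Finding]:
    """Walk `root` and return a Finding for every archive that bundles log4j-core."""
    findings: List[Finding] = []
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            if fn.lower().endswith(ARCHIVE_SUFFIXES):
                full = os.path.join(dirpath, fn)
                with open(full, "rb") as fh:
                    findings.extend(_scan_archive(fh.read(), full))
    return findings


def build_sample_jar(version: str, include_jndi: bool = True) -> bytes:
    """Constructed fixture: a tiny jar carrying log4j-core's marker files, no real Log4j code."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(POM_PROPERTIES, f"version={version}\ngroupId=org.apache.logging.log4j\n"
                                    "artifactId=log4j-core\n")
        if include_jndi:
            zf.writestr(JNDI_LOOKUP_CLASS, b"\xca\xfe\xba\xbe")  # class-file magic only
    return buf.getvalue()


def build_sample_war(inner_jar: bytes) -> bytes:
    """Constructed fixture: a WAR whose WEB-INF/lib contains the given jar."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("WEB-INF/lib/log4j-core.jar", inner_jar)
    return buf.getvalue()


if __name__ == "__main__":
    import sys
    for f in scan_path(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{f.location}: log4j-core {f.version or '?'} -> {f.status}")
```

Run it as `python log4j_scan.py /opt` on a host; a hit inside `app.war!WEB-INF/lib/log4j-core.jar` is exactly the case a plain filename search misses. Treat "unknown version" hits as findings to investigate, not as clean, since shaded or repackaged jars often drop pom.properties while keeping the class.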

Conclusion

This is going to be around for years. We are actively working in numerous environments, and every single one of them has Log4j. Please take the time to increase your awareness, implement the necessary remediation, and take the high road to safeguarding persons and property.

Reach out if you need help detecting and protecting. At your service. Stay safe.
