A vulnerability scanner alone will not protect you from Log4Shell (Log4j, CVE-2021-44228). A layered vulnerability scanning approach that includes a web application scanner needs to be adopted so that every instance of the library is covered, including copies embedded in downstream code that a single scan type would miss.
The approach should comprise the following three elements:
1. Local scanning to detect Log4j components present on the host, such as log4j-core JARs on disk, including copies bundled inside WAR and EAR files. This is achieved with a vulnerability management tool such as Tenable's Nessus Professional.
2. Remote scanning aimed at triggering behaviour characteristic of a Log4Shell attack (the JNDI lookup that the vulnerability abuses), which flushes out downstream code that uses the library without exposing an identifiable JAR. This is achieved with a vulnerability management tool such as Tenable's Nessus Professional.
3. Web application scanning (WAS) that tests HTTP headers and input fields, since a web front end will typically log attacker-controlled data from exactly those places. This is achieved with a leading WAS such as Tenable.io Web App Scanning.
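To make the first element concrete, the following is an added example (not code from the original post and not part of any Tenable product) of what a local check for element 1 has to do: walk a filesystem, open every JAR, WAR and EAR, recurse into archives nested inside them, and classify each log4j-core it finds by whether JndiLookup.class is still present and whether the version predates the CVE-2021-44228 fixes (2.15.0, with the 2.12.2 and 2.3.1 backports). The sample archives it scans are constructed in a temporary directory by the script itself; the placeholder class bytes and the `-patched` file name are assumptions made for the demonstration.

```python
"""
Added example: local check for Log4Shell-exposed log4j-core archives.
Walks a directory, opens every .jar/.war/.ear, recurses into nested archives
(fat JARs, WEB-INF/lib) and classifies each log4j-core it finds.
"""
import io
import os
import re
import tempfile
import zipfile
from typing import Dict, List, Optional, Tuple

JNDI_LOOKUP = "org/apache/logging/log4j/core/lookup/JndiLookup.class"
POM_PROPS = "META-INF/maven/org.apache.logging.log4j/log4j-core/pom.properties"
ARCHIVE_EXT = (".jar", ".war", ".ear", ".zip")
MAX_NESTING = 4  # how deep to follow archives nested inside archives


def parse_version(text: str) -> Optional[Tuple[int, int, int]]:
    """'2.14.1' -> (2, 14, 1); '2.0-beta9' -> (2, 0, 0); unparsable -> None."""
    m = re.match(r"(\d+)\.(\d+)(?:\.(\d+))?", text)
    return tuple(int(x or 0) for x in m.groups()) if m else None


def is_vulnerable_version(ver: Tuple[int, int, int]) -> bool:
    """True if this log4j-core version predates the CVE-2021-44228 fix on its branch."""
    if ver[0] != 2:
        return False                       # log4j 1.x is not affected by this CVE
    if ver >= (2, 15, 0):
        return False                       # main-line fix release
    if ver[:2] == (2, 12) and ver >= (2, 12, 2):
        return False                       # Java 7 backport
    if ver[:2] == (2, 3) and ver >= (2, 3, 1):
        return False                       # Java 6 backport
    return True


def classify(version_text: Optional[str], has_jndi: bool) -> str:
    """Combine the version and the presence of JndiLookup.class into one verdict."""
    if not has_jndi:
        return "mitigated"                 # JndiLookup.class was removed from the archive
    ver = parse_version(version_text) if version_text else None
    if ver is None:
        return "unknown-version"           # conservative: treat as exposed until reviewed
    return "vulnerable" if is_vulnerable_version(ver) else "fixed"


def inspect_archive(data: bytes, name: str, findings: List[Dict], depth: int = 0) -> None:
    """Inspect one archive held in memory; recurse into archives nested inside it."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return
    names = set(zf.namelist())
    version_text = None
    if POM_PROPS in names:                 # Maven metadata is the most reliable version source
        for line in zf.read(POM_PROPS).decode("utf-8", "replace").splitlines():
            if line.startswith("version="):
                version_text = line.split("=", 1)[1].strip()
    if version_text is None:               # fall back to the conventional file name
        m = re.search(r"log4j-core-(\d[\w.\-]*)\.jar$", name)
        if m:
            version_text = m.group(1)
    has_jndi = JNDI_LOOKUP in names
    if has_jndi or version_text is not None:
        findings.append({"path": name, "version": version_text,
                         "jndi_lookup_present": has_jndi,
                         "status": classify(version_text, has_jndi)})
    if depth < MAX_NESTING:
        for entry in sorted(names):
            if entry.lower().endswith(ARCHIVE_EXT):
                inspect_archive(zf.read(entry), f"{name}!{entry}", findings, depth + 1)


def scan_directory(root: str) -> List[Dict]:
    """Scan every archive below root and return one finding per log4j-core located."""
    findings: List[Dict] = []
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            if fn.lower().endswith(ARCHIVE_EXT):
                path = os.path.join(dirpath, fn)
                with open(path, "rb") as fh:
                    inspect_archive(fh.read(), path, findings)
    return findings


def make_jar(version: Optional[str], include_jndi: bool) -> bytes:
    """Build a constructed log4j-core-like JAR in memory (placeholder bytes, not real bytecode)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        if version:
            zf.writestr(POM_PROPS, f"version={version}\ngroupId=org.apache.logging.log4j\n"
                                   "artifactId=log4j-core\n")
        if include_jndi:
            zf.writestr(JNDI_LOOKUP, b"\xca\xfe\xba\xbe")
    return buf.getvalue()


def demo() -> Dict[str, str]:
    """Build a constructed sample tree in a temp dir; return {relative archive path: status}."""
    with tempfile.TemporaryDirectory() as root:
        lib = os.path.join(root, "lib")
        os.makedirs(lib)
        samples = {"log4j-core-2.14.1.jar": make_jar("2.14.1", True),
                   "log4j-core-2.17.1.jar": make_jar("2.17.1", True),
                   "log4j-core-2.14.1-patched.jar": make_jar("2.14.1", False)}  # class deleted
        for fn, data in samples.items():
            with open(os.path.join(lib, fn), "wb") as fh:
                fh.write(data)
        war = io.BytesIO()                 # WAR bundling an old log4j-core: only found by recursing
        with zipfile.ZipFile(war, "w") as zf:
            zf.writestr("WEB-INF/lib/log4j-core-2.12.1.jar", make_jar("2.12.1", True))
        with open(os.path.join(root, "app.war"), "wb") as fh:
            fh.write(war.getvalue())
        return {f["path"].replace(root, "", 1).lstrip(os.sep).replace(os.sep, "/"): f["status"]
                for f in scan_directory(root)}


if __name__ == "__main__":
    for path, status in sorted(demo().items()):
        print(f"{status:16} {path}")
```

The two signals are deliberately kept separate: a current version with JndiLookup.class present is "fixed", an old version with the class deleted is "mitigated", and a JAR that carries the class but no readable version is reported as "unknown-version" rather than silently passed. Recursion into WAR and EAR files is what distinguishes this from a plain file-name search, and it is the part that most ad hoc scripts written in the first days of Log4Shell got wrong.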
Web application scanning is an absolute must and needs to be built into your vulnerability management program. Get your free trial of Tenable.io WAS today, or contact us to gain full protection!