
Evolutio and EPI-USE Labs, both groupelephant.com businesses, help organizations understand the Log4Shell vulnerability and take appropriate mitigating and remedial steps

December 23, 2021
1:00 PM (EST)

Enterprises from across the globe have sought quick assistance, particularly those with complex IT environments that leverage SAP software and Cisco AppDynamics monitoring and that need to address vulnerable enterprise applications.

CHICAGO, IL | December 23rd, 2021

Specialists from Evolutio and EPI-USE Labs are assisting organizations with guidance, identification, and mitigation of the vulnerability in the Log4j framework, now colloquially referred to as Log4Shell. It has been at the top of the to-do list for enterprise IT and Security teams as the 2021 calendar year ends.

Devin Stonecypher, Director of Security at Evolutio, explains the threat in the following way: “There are three factors that make Log4Shell so dangerous. First, the vulnerable library log4j is widely deployed. Secondly, the vulnerability is shockingly easy to exploit. Third, exploiting gives attackers the ability to run arbitrary code remotely on compromised systems.”

On December 9th, 2021, the critical zero-day vulnerability in the Apache Log4j framework was disclosed publicly, denoted in the Common Vulnerabilities and Exposures (CVE) catalog as CVE-2021-44228. The Apache Software Foundation assigned it a Common Vulnerability Scoring System (CVSS) rating of 10, the highest possible score.

Organizations might be exposed without even realizing it, since the Log4j library is prevalent in numerous frameworks, tools, and runtime environments. A vulnerable application might even allow access to other unrelated applications and data stores.

Stonecypher has been maintaining a hopeful outlook with enterprise clients, while educating them on the fundamentals when they need it. “Hidden deep inside all applications are code libraries that the application developer did not write, and that they did not personally vet. These libraries are little (sometimes not-so-little) bundles of pre-written code that perform a specific function or set of functions. Log4Shell has similarities to the SolarWinds vulnerability, as both are Software Supply Chain Vulnerabilities. The vulnerability that led to the SolarWinds incident was a malicious inclusion (an attack) in a library, and the Log4Shell vulnerability is currently believed to be an accidental inclusion in the Log4j library. But both are vulnerabilities in the software supply chain,” said Stonecypher.

Jaco Prinsloo, Principal at EPI-USE Labs and a strategic partner of Evolutio, said “SAP, AppDynamics, and most other software vendors have been issuing security advisories, detailing which products are affected and how. We've seen some clients respond well to these security advisories, with strong in-house experts that can implement the mitigations and ensure the vulnerabilities are truly patched. Yet some clients have been struggling, and patently need help to effectively mitigate these vulnerabilities.”

Prinsloo goes on to say that “certain clients that we've been talking to were surprised by the extent of this vulnerability. They understand that some of their products run on Java, but didn't realize just how many. SAP, for example, makes extensive use of Java for a number of their services and products.”

Evolutio’s CEO Adam Ties said “immediately when the news broke, our clients began feeling the pain, which intensified throughout the weekend. Because of our ability to help with solutions and guidance we prioritized our response, given the significant risk of highly-adverse implications arising from this security event.”

Evolutio and EPI-USE Labs are providing advisory calls with their specialists, to validate that organizations are addressing the vulnerabilities correctly. They have offered automated scanning and modern tooling to find vulnerable applications, with particular emphasis on IT environments that have SAP software or Cisco AppDynamics monitoring in place. The two organizations have offered assistance with the actual mitigation, especially in more complex scenarios. And lastly, Evolutio and EPI-USE Labs can provide advice on how to safeguard systems going forward, including suggestions on tooling and risk management.

ABOUT EVOLUTIO (https://www.evolutiops.com):

Evolutio specializes in helping organizations solve the operational challenges of building and scaling complex enterprise applications, bringing simplicity and governance to the chaos through four practice areas: Observability, Automation, Security, and Data Science. Their professional services deploy and optimize proven technologies to maximize revenue, grow brand loyalty, and deliver a premium digital experience.

ABOUT EPI-USE LABS (https://www.epiuselabs.com):

EPI-USE Labs provides software and services to enhance the performance, security, and management of their clients’ SAP® systems. Their software, value-added solutions and managed services create better, more powerful and secure systems for more than 1,000 organizations using SAP, worldwide.
