Thank you for Subscribing to CIO Applications Weekly Brief
Contrast Security Reveals the Log4j Attack's Effects on Global Enterprises
The code security specialists at Contrast deliver an update on the most severe software vulnerability in history.
Fremont, CA: Contrast Security protects the code on which the global economy gets built. It is the most current and complete Code Security Platform in the business, reducing security roadblocks and enabling organizations to develop and deliver safe application code quickly. The Contrast platform discovers vulnerabilities while developers create code, reduces false positives, and gives context-specific how-to-fix instructions for easy and quick vulnerability repair by embedding code analysis and attack prevention directly into software via instrumentation.
Contrast Security launched Log4j, the most popular piece of free, open-source Java computer language software used by developers worldwide, will continue to impact major organizations such as Apple, Tesla, Microsoft, and government agencies for the foreseeable future.
"This is the most severe software vulnerability we have ever seen. It is incredibly widespread and extremely easy for hackers to exploit," said Arshan Dabirsiaghi, Chief Scientist and Co-founder at Contrast Security.
Contrast, an authority in testing and defending third-party open-source code as it moves through the software supply chain and professional researchers have discovered that Log4j assaults are now getting leveraged for ransomware and data theft. Self-replicating worms and bots have also got found.
Organizations are scrambling to fill the void, but progress has been slow. Apache has also released several patches, but they have got determined to be insufficient, putting the process back each time. Security researchers are beginning to witness service disruptions and verified attacks, including the Canadian and Belgian governments. In addition to verified attacks, corporations decide to disable websites and services to reduce their exposure.
Contrast has defended global corporations and Fortune 500 customers against Log4j assaults since internal data revealed an increase in attacks as early as November 24th — well before the vulnerability got officially reported. Contrast Protect protects customers' applications by defending them against the underlying vulnerability using sandboxes segregating exploitable actions from exploited targets. Customers may arrange permanent fixes without fear of exposure because of this quick protection. In Contrast, customer Success and Service teams have worked around the clock alongside SecDevOps teams and developers to defend vulnerable apps or Java application portfolios.