As many of you know, a vulnerability recently came to light called Log4Shell which takes advantage of a Java library vulnerability used by organizations and devices around the world. It has been labeled CVE-2021-44228. Many Fortune 100 tech companies rely on this library along with small and mid-sized organizations. Criminal actors are already racing to find ways to abuse this to gain privileged access to launch remote code execution attacks.
The flaw can enable malicious actors to take over devices without the need for sophisticated reconnaissance and targeted attacks. Using this, attackers can take control of servers, endpoints, and even smart phones. The current extent of abuse in the wild is unclear. However, some security companies have identified on-going attacks through scanning.
Touchstone takes a layered approach to cybersecurity. Our XDR (eXtended Detection and Response) offering uses best of breed tools to ensure that our clients are receiving maximum security. We work with companies including SentinelOne, Tenable, Lumu, Automox, Coda Footprint and other solutions to track both network and endpoint security.
Our eXtended Detection and Response approach consists of:
SentinelOne: A Gartner Magic Quadrant leading software offering that enables us to seamlessly monitor clients’ devices for any indication of vulnerabilities. We regularly query devices to identify any CVE’s that haven’t been remediated.
Tenable: Tenable continuously optimizes their #1 vulnerability assessment product Nessus to make it the most accurate and comprehensive solution in the market. 20 years later Tenable is a 2021 Gartner Representative Vendor in Vulnerability Assessment.
Lumu: Lumu allows our U.S. based security experts to look at network data and identify potential anomalies in network flows, access logs, firewalls, spambox filters, and other data. This enables us to provide a second layer of defense for our XDR customers.
Automox: Automox enables complete visibility and control for every Windows, macOS, and Linux endpoint from a single platform – at any scale. Now IT can easily act in real-time to drive greater strategic value and security outcomes for their business.
Coda Footprint: CODA Footprint automatically identifies software, hardware, and business assets. The platform is continuously monitoring and detecting both internal and external customer digital assets no matter where they’re hosted and performs real-time correlations with known and unknown vulnerabilities and configuration errors.
These and other tools enable us to provide an efficient, effective, and layered cybersecurity program. It only takes one hole in your defenses for malicious actors to take advantage and cause a data breach. We focus on providing measurable risk reduction while enabling you to conduct your business with confidence.