API security platform protects from Log4j attacks and brings visibility of APIs to prioritise fixes.
Traceable AI, a leader in API security, announced that its free API security solution could find and stop Log4j related attacks. Organisations can additionally use Traceable AI’s application topology map to see where they are vulnerable to prioritise patching better.
In the days following December 10, 2021, when a critical vulnerability known as Log4Shell was discovered in servers supporting Minecraft, threat actors made millions of exploit attempts of the Log4j 2 Java library. Organisations from all sectors across the globe have been struggling to protect themselves against the vulnerability since, with many still at unknown levels of risk.
“The Log4j vulnerability is prevalent and can affect enterprise applications, embedded systems and their sub-components,” according to Gartner. “Cybersecurity leaders need to make identification and remediation of this vulnerability an absolute and immediate priority.” Further, it states, “This vulnerability and the attack patterns exploiting it are unlikely to subside for some time so that active vigilance will be important for at least the next 12 months.”
Traceable AI’s customers were well-positioned to thwart attempted exploits on their systems due to Traceable AI’s sophisticated approach to application and API security.
“We brought in Traceable AI to mature our security posture. When the Log4j vulnerability hit, Traceable AI helped address the threat by immediately detecting and blocking attacks in progress. We are very happy to have prevented any negative impact to our business and I’m confident we’re prepared to block future variations of Log4j style exploits and maintain protection of our customers’ data,” said Mark Sost, VP of engineering at e-commerce company LeafLink.
The sudden impact of the Log4j vulnerability illustrates the need to anticipate black swan events that can rapidly unravel the security posture of any business or government agency. Organisations need to understand their application’s business logic and exposure to detect and block the sudden arrival of zero-day attacks, such as Log4j before attackers have the chance to target and exploit mission-critical applications and data.
“It’s an unfortunate side effect of doing business in today’s world that every so often a vulnerability will arise that can have a widespread impact. From the start at Traceable AI, we wanted to build a security platform that would weather the sudden arrival of globally disruptive exploits; ensuring our customers have the confidence of protection against those risks and unknown attacks before it impacts their business,” said Jyoti Bansal, CEO and Co-founder of Traceable AI.
Traceable AI provides comprehensive coverage for securing cloud-native applications, both at the edge and within the application, even when cybercriminals evade detection from traditional application security products.
“Traceable AI helped us rapidly identify Log4j vulnerabilities and blocked all the Log4j attacks coming at us. Its application topology map showed us where we were vulnerable and has helped us focus our remediation efforts.” said Natraj Choudhury, head of engineering at financial services provider Zolve.
