- Resources
- Case-studies
- Utilizing a Proven Framework to Uncover Threats From Newly Discovered Vulnerabilities
Utilizing a Proven Framework to Uncover Threats From Newly Discovered Vulnerabilities
Because many organizations struggle to understand whether a breach is actively in progress or has happened at some point in the past, TrustedSec first searches for evidence of a compromise. The Log4j Threat Hunting exploration included network, endpoint, and cloud infrastructure, investigating anomalies that may have taken place.
After following TrustedSec’s Log4j Detection and Response Playbook, an organization was concerned that they might have attackers in their network, as the Log4j vulnerability had been pervasive in their environment. While many attacks are possible with a compromised application, the Log4j vulnerability allows remote code execution without validating the entity’s authentication. Once the vulnerability became public, attackers quickly moved to exploit this ubiquitous code, as it exposes nearly every server to ransomware groups and cryptocurrency miners on the Internet.
SERVICES
- Threat Hunting
- Vulnerability Remediation
- Incident Response
BENEFITS
- Determined extent of vulnerabilities exploitation within network
- Allowed organization to develop playbook for future vulnerabilities
- Found additional ways to harden the organization's network