cybersecurity Glossary

What is Log4j?

Log4j is an open source Java component, developed by the Apache Foundation and designed to store event traces.

Due to its ease of use and flexibility, log4j is used in many applications to record information in a log.

The wide adoption of Log4j has come to light after the discovery of a critical vulnerability in this component, which was called Log4Shell, due to the ease with which it allowed commands to be executed remotely on an affected system.

A number of technical articles connected to Log4j and cybersecurity have been made available on Tarlogic’s online platform.

Vulnerability management: This continuous vulnerability scanning service assists in managing the vulnerability life cycle and diminishing the exposure surface.

Emerging vulnerabilities: This service is activated upon the release of a critical vulnerability that might threaten your organization’s perimeter, allowing for prompt action. We investigate the impact of zero-day vulnerabilities on the perimeter around the clock and determine affected assets.

Threat Hunting: A managed service that emphasizes the proactive discovery of suspicious activities and mitigation of threats at endpoints, using telemetry generated by EDR and XDR technologies, and following the methodology specified in the MITRE ATT&CK framework.