The recent Apache Log4j 2 vulnerability caused global panic. The software of some large enterprises was attacked. The vulnerability could lead to remote control of equipment, which could lead to the theft of sensitive information and the interruption of equipment services. The Cyber Security Administration of the Ministry of Industry and Information Technology of my country also issued a security risk alert.
According to the news, the Microsoft Azure Sentinel tool recently added a new plug-in to support operation and maintenance personnel to detect whether there are Log4j vulnerabilities in the business. Azure Sentinel is Microsoft’s own local security information and event management tool, which can prevent and stop potential threats. This tool uses AI artificial intelligence capabilities to reduce false alarms, and the official said it can reduce false alarms by up to 90%.
In the content center on the left side of the page, you can access the preview version of the Log4j vulnerability detection tool, which users can use for free. IT Home has learned that the codename of the Log4j 2 vulnerability is CVE-2021-44228, and the vulnerability can be avoided by updating Apache to the latest version. However, a new vulnerability has been discovered in this component recently, and it can be avoided by updating to the latest version as soon as possible.