• Skip to primary navigation
  • Skip to main content
  • Skip to footer
ControlCase No Tag LOGO md

ControlCase

IT Certifications, Continuous Compliance and Cybersecurity Services Provider

  • Company
    • About Us
    • Careers
    • Locations
    • Team
  • Industries
    • Business Process Outsourcing
    • Cloud Service Providers
    • Retail
    • Telecom | Entertainment
  • Certifications
    • PCI DSS Certification
    • CSA STAR Certification
    • GDPR Assessment
    • HIPAA Assessment
    • HITRUST Certification
    • ISO 27001 Certification
    • FedRAMP 3PAO Services and NIST 800-53
    • CMMC Compliance: NIST 800-171
    • MARS-E Assessment
    • P2PE Certification
    • PA DSS Certification
    • SOC2 Report
  • Solutions
    • Continuous Compliance Solution
    • One Audit
    • Card Data Discovery Software
    • Data Security Rating
  • Testing
    • Application Reviews
    • Application Security Training
    • Code Reviews
    • Card Data Discovery
    • External Vulnerability Scans
    • Firewall Security Reviews
    • Internal Vulnerability Scans
    • Log Monitoring
    • Penetration Testing
  • Resources
    • Events
    • News
    • Webinars
    • Courses
    • Newsletters
    • Blog
  • Contact Us

Log4j Vulnerability: What You Need to Know
& Free Resources

You are here: Home / Blog / Log4j Vulnerability: What You Need to Know & Free Resources

On December 9, 2021, Chen Zhaojun of the Alibaba Cloud Security Team discovered CVE-2021-44228, a.k.a. Log4Shell, a high-severity vulnerability that affects the core function of Log4j, which is a logging library utilized by many Java programs developed in the past 10 years.

The Log4Shell (CVE-2021-44228) promotes the ability of others to remotely execute code – and access all data on the impacted device in addition to running any code at will.  Maintaining business continuity is critically important to all of us, especially in the face of the global Log4j vulnerability and other exploitations.

There are several excellent resources emerging in the face of this vulnerability:

  • CISA has published an Apache Log4j Vulnerability Guidance page:
    https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance
  • Log4j Security Vulnerabilities page:
    https://logging.apache.org/log4j/2.x/security.html
  • CISA’s Cyber Essentials:
    https://www.cisa.gov/cyber-essentials

ControlCase Policy and Procedure Templates which may protect against future attacks:

  • Business Continuity Plan Policy and Procedures Template:
    https://www.controlcase.com/business-continuity-policy-template/
  • Incident Management Policy Template:
    https://www.controlcase.com/incident-management/
  • IT Security Policy Template:
    https://www.controlcase.com/it-security-policy-template/
  • Vulnerability Management Template:
    https://www.controlcase.com/vulnerability-management-templates/
Get Your Free IT Security Policy Template
Download Now

  • Facebook
  • LinkedIn
  • Twitter
  • YouTube

Footer

Connect

Corporate Headquarters
12015 Lee Jackson Memorial Hwy, Suite 520, Fairfax, VA 22033

Send us a message

Call Us

About Us

ControlCase is a United States based company, headquartered in Fairfax, Virginia with locations in North America, Europe, Latin America, Asia/Pacific and the Middle East to serve our clients globally.

Quick Links

  • Company
  • Team
  • Careers
  • Locations
  • Covid-19 Notice

Certifications, Assessments and Reports

  • PCI DSS Certification
  • CSA STAR Certification
  • GDPR Assessment
  • HIPAA Assessment
  • HITRUST Certification
  • ISO 27001 Certification
  • FedRAMP and 3PAO Services
  • MARS-E Assessment
  • P2PE Certification
  • PA DSS Certification
  • SOC2 Report

© ControlCase LLC 2023 | Privacy Policy | Impartiality Statement | Legal Notices