Qualys Launches New Profiles and Search Lists to Combat Log4Shell
Qualys has introduced two new option profiles and two search lists to help users detect Log4Shell vulnerabilities. The profiles, 'Log4Shell - Authenticated Scan' and 'Log4Shell - Unauthenticated Scan', cater to different scanning needs.
The 'Log4Shell - Authenticated Scan' is designed for authenticated scans, while the other is for unauthenticated scans. Both profiles come with pre-defined search lists that include Log4Shell QIDs.
Qualys has also released two search lists: 'Log4Shell Dynamic Search List' and 'Log4Shell Static Search List'. The dynamic list includes CVE-2021-45046, CVE-2021-44228, CVE-2021-4104, and CVE-2021-45105, while the static list aids in detecting the Apache Log4j2 Zero-Day Exploited in the Wild (Log4Shell).
To import these profiles, users can go to 'Scans' > 'Option Profiles' > 'New' and select 'Import from Library'. Making the option profile 'Global' ensures it's available to all users in the subscription.
These new resources from Qualys provide users with targeted tools to swiftly identify and address Log4Shell vulnerabilities in their environments. The option profiles are tuned to quickly detect these issues, ensuring better security.
Read also:
- Global Content Dissemination Through Cross-Linguistic Voiceovers
- JLR Fights Back After Cyberattack, Secures $7B in Funding, Appoints New CEO
- A2C Teams Up with Privacy4Cars to Strengthen FTC Compliance for Auto Dealers
- Mandated automobile safety technologies in the EU may be deemed "irrational," "erratic," and potentially dangerous, experts caution.
