How to defend your organization against Apache Log4j?

Presented by

Brad Duncan, Threat Intelligence Analyst , Unit 42 Palo Alto Networks

About this talk

On December 9, a remote code execution (RCE) vulnerability in Apache Log4j 2 was identified as being exploited in the wild. Apache Log4j is an open-source logging utility that is leveraged within numerous Java applications around the world. The release of public proof-of-concept (PoC) code and subsequent investigation revealed that the exploitation was incredibly easy to perform. By submitting a specially crafted request to a vulnerable system, the attacker can instruct the system to download and subsequently execute a malicious payload. The Unit 42 Threat Intelligence and product development teams continue to monitor this situation for additional details and updates and will share the latest information on the exploit and how to defend against it.
Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (858)
Subscribers (104743)
Palo Alto Networks is the next-generation security company, leading a new era in cybersecurity by safely enabling applications and preventing cyber breaches for tens of thousands of organizations worldwide. Built with an innovative approach and highly differentiated cyberthreat prevention capabilities, our game-changing security platform delivers security far superior to legacy or point products, safely enables daily business operations, and protects an organization's most valuable assets. Find out more at or call us at 1-877-524-1031.