On Thursday, December 9, a critical vulnerability (CVE-2021-44228) in Apache Log4j, a widely used Java logging library, was made public. Some are calling it “the most significant vulnerability in the last decade.”
The Onapsis Research Labs maintains a network of sensors that we call the Onapsis Threat Intelligence Cloud. Within 10 days of the initial Log4j attack, Onapsis Research Labs captured over 3,000 attack attempts and observed over 50 variants. With more than 30 SAP applications affected by this vulnerability, it’s important to understand your risk and your exposure points.
During this session Richard Puckett, Chief Information Security Officer at SAP and Sadik Al-Abdulla, Chief Product Officer at Onapsis discuss:
- Threat intelligence around the Log4j vulnerability captured by Onapsis Research Labs
- Implications of the vulnerability on SAP applications
- Considerations for building comprehensive vulnerability management for SAP and business critical applications