Establish the best security practices with our AWS expertise Scan your system and Log4j Vulnerabilities with us
By now you have probably heard a great deal about the Log4j vulnerabilities. While the IT world was on high alert over them, we helped our customers overcome the fear of this threat with AWS Inspector.


Our client is a logistics platform company. They offer easy-to-use apps that help contractors, dump truck owners, and material producers provide exceptional services with full visibility and more efficiency. Their logistics platform simplifies retail and supply chain across the globe.

 

In this blog, we explain how AAIC helped the customer overcome the Log4j threat quickly.

The tension building 

We have been supporting the client with DevOps services to transform their software delivery pipeline. 

The client’s app used Log4j, the Java logging library. As soon as the Log4j threat was detected and declared the worst vulnerability in 10 years by Apache, the client became concerned and contacted our dedicated AWS security team.

As a leading AWS partner, we help address and solve all cloud and security issues. 

We deployed our AWS security experts to resolve the issues as soon as possible.

The key issues we found were: 

  • Out of 60 instances, 19 instances were vulnerable
  • Possibilities of disclosure of sensitive information
  • Possibilities of addition or modification of data, or Denial of Service (DoS)


How have we mitigated the problems? 

We provided the following solutions to mitigate the Log4j threats: 

AWS Web Application Firewall (WAF)

The first thing we did was check the WAF and set up two rule groups from AWS Managed Rules (AMR). These rule groups offer protection against malicious activities.

  • We set AWSManagedRulesKnownBadInputsRuleSet to inspect the request body and commonly used headers.
  • We set AWSManagedRulesAnonymousIpList to block requests from services that allow the obfuscation of viewer identity.
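
One way to verify that both rule groups are attached and actually blocking, shown as an added example that is not part of the original engagement or AAIC's own tooling. It assumes the web ACL has been exported as JSON in the shape returned by `aws wafv2 get-web-acl`; the sample ACL and the function name `audit_web_acl` are constructed for illustration.

```python
import json

# The two AWS managed rule groups named in the section above.
REQUIRED_GROUPS = ("AWSManagedRulesKnownBadInputsRuleSet",
                   "AWSManagedRulesAnonymousIpList")

# Constructed sample in the shape of `aws wafv2 get-web-acl` output (not client data).
SAMPLE_ACL = json.loads("""
{"WebACL": {"Name": "example-acl", "Rules": [
  {"Name": "known-bad-inputs", "Priority": 0,
   "Statement": {"ManagedRuleGroupStatement":
     {"VendorName": "AWS", "Name": "AWSManagedRulesKnownBadInputsRuleSet"}},
   "OverrideAction": {"Count": {}}}
]}}
""")


def audit_web_acl(acl_doc, required=REQUIRED_GROUPS):
    """Return findings; an empty list means every required group is enforcing."""
    rules = acl_doc.get("WebACL", acl_doc).get("Rules", [])
    attached = {}
    for rule in rules:
        stmt = rule.get("Statement", {}).get("ManagedRuleGroupStatement")
        if stmt and stmt.get("VendorName") == "AWS":
            attached[stmt.get("Name")] = (rule, stmt)
    findings = []
    for name in required:
        if name not in attached:
            findings.append(f"{name}: not attached to the web ACL")
            continue
        rule, stmt = attached[name]
        # OverrideAction Count turns the whole group into log-only mode.
        if "Count" in rule.get("OverrideAction", {}):
            findings.append(f"{name}: group overridden to Count (log only)")
        # Individual rules can also be switched off inside an attached group.
        for excluded in stmt.get("ExcludedRules", []):
            findings.append(f"{name}: rule {excluded.get('Name')} is excluded")
        for override in stmt.get("RuleActionOverrides", []):
            if "Block" not in override.get("ActionToUse", {}):
                findings.append(f"{name}: rule {override.get('Name')} no longer blocks")
    return findings


if __name__ == "__main__":
    for finding in audit_web_acl(SAMPLE_ACL):
        print("FINDING:", finding)
```

A clean result only shows that the WAF rule groups are enforcing; it does not replace upgrading the library itself.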

AWS Inspector

  • We ran an assessment with AWS Inspector to scan for the Log4j library.
  • The assessment included 60 instances and was tested against 2 Rules Packages.
  • We checked:
    • Common Vulnerabilities and Exposures
    • Security Best Practices
  • We checked whether the EC2 instances in the client’s app are exposed to Common Vulnerabilities and Exposures (CVEs).
  • We checked whether the client’s systems are configured securely.
  • We checked the 60 instances, along with the images, for vulnerabilities.


Log4j Upgrade

The client’s Log4j library was at version 2.14.1, which was vulnerable. Our team of AWS security experts therefore upgraded it to the latest safe version.

ECR – Patch Container Images 

We scanned ECR, which is an AWS-managed container image registry service. Our team found 10 vulnerabilities in the client’s repository, so we upgraded the images to the right versions and pushed them to the repository. AWS Inspector then checked and verified the updated images for any remaining threat.

Restore your security best practices with us 

At AAIC, we help businesses to set up the security best practices to restore business continuity with our AWS security expertise. 

We are automation experts, with an AWS-certified team comprising 60% of our workforce. We assist you in applying intelligence to cloud and DevOps, as our name suggests.

Our AWS certified experts create high-performing cloud apps by utilizing intelligent components and smart integrations to accelerate your digital transformation journey.
