Virtualization Technology News and Information
Article
RSS
Qualys Offers Free Access to Its Web Application Scanning App to Help Organizations Quickly Find Log4Shell Vulnerabilities

Qualys, Inc. announced it is making its Web Application Scanning (WAS) solution available free for 30 days, to help companies protect against Log4Shell.

The Apache Log4Shell zero-day RCE vulnerability has raised alarms at companies around the globe, with U. S. government officials calling it "one of the most serious flaws they've seen." The vulnerability poses potential threats for almost every single web application, with the list of known exploits growing daily. 

Web Application Scanning capabilities are essential to detect these vulnerabilities as they simulate the attack of Log4Shell exploits. To help customers protect themselves from this threat, Qualys is making its WAS app, which scans web applications and APIs for the Log4Shell (CVE-2021-44228) vulnerability, available free for 30 days. 

Qualys WAS makes accurate detections of applications vulnerable to Log4Shell through its advanced out-of-band detection mechanisms. To identify vulnerable sites, WAS uses specially crafted payloads to simulate the same attack pattern malicious actors use.  Vulnerable sites are quickly and easily identified for remediation, shutting the door on attackers before they ever know you are exposed. 

"Log4Shell is the most alarming vulnerability we've seen in the last decade and helping the community battle this unprecedented threat is at the forefront of our focus," said Sumedh Thakar president and CEO of Qualys. "Many organizations are scrambling to find ways to detect their exposure to Log4Shell. We hope the free access to our app along with the open-source scripts we released will help security teams rapidly assess and secure their external web attack surface." 

To sign up for the free, 30-day WAS service, visit qualys.com/was-log4j-trial.

For more information on using WAS to detect Log4Shell, read their blog, Is Your Web Application Exploitable by the Log4 Shell Vulnerability?  

Published Friday, December 17, 2021 10:06 AM by David Marshall
Filed under:
Comments
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
Calendar
<December 2021>
SuMoTuWeThFrSa
2829301234
567891011
12131415161718
19202122232425
2627282930311
2345678