Vulnerability Management Update

Last update: December 29, 6 PM CET

This page describes our approach to, and the status of, the Log4j vulnerability and is our Formal Statement. It will be updated in case of changes.

ON2IT customer resources and information


ON2IT’s own environment

  • We have investigated our systems and services for the presence of this vulnerability.

  • We have patched our systems with the most recent version of relevant software updates as soon as they became available (only if we are affected by that patch, and/or no other mitigations are in place).

  • We have investigated whether our systems are infected and exploited by this vulnerability. No Indicators of Compromise were found.

  • We keep updating our systems with an updated list of Indicators of Compromise.

  • We continuously monitor our systems to detect possible infection or exploitation.

  • We continuously monitor statements and advisories from authorities (such as NCSC).

  • We have implemented Zero Trust segmentation that will by design limit the impact in case a vulnerability is exploited.

With regard to the vendors whose hardware and software we manage in our managed service contracts

  • We continuously monitor new releases of security patches from relevant vendors.

  • We implement security patches and other mitigating measures in case a (new) vulnerability is identified.

  • We continuously monitor all policies in managed instruments against best practices and actively inform customers with advisories for optimal security.

Our customers’ infrastructure

  • As part of our Managed Security Services, we continuously monitor customer environments for the presence of this vulnerability and possible exploitation signs.

  • We provide specific security updates and advisories to customers via phone, email and our portal.

  • Besides our general investigation and mitigations, we work together on demand with individual customers, taking into account the relevant management service contracts, parts of the customer infrastructure that are not actively managed by ON2IT and specific needs or requirements related to the Log4j vulnerability, including:

    • detection of vulnerable software
    • scanning tools and active network scanning
    • network monitoring and log analysis with advanced XDR tools for compromise attempts and post-exploitation behavior
    • implementation of policy validation advisories: IOCs, inbound/outbound traffic rules, decryption, blocklists, most recent versions of IOCs
    • compliance and regulatory playbooks

Tech Talk Log4j

Yuri Bobbert

This Tech Talk is dedicated to the recent Log4j vulnerability and is meant as a Q&A session for anyone who has questions about this high-impact vulnerability.