Log4j: Why Organizations Are Failing to Remediate This Risk

The Log4j software vulnerability called Log4Shell, found in the Apache Log4j library in December 2021, still poses a threat to billions of Java devices. An advanced feature of Log4j allows both developers and attackers to collect program or potentially malicious information. While some organizations have attempted to address this issue, locating susceptible applications and devices remains challenging. Remediation solutions, such as Configure8, offer tools to identify vulnerabilities, allocate responsibilities, and track progress.