Apache Log4j Vulnerability Guidance
The United States Cybersecurity and Infrastructure Security Agency issued guidance about a vulnerability in Apache’s Log4j software on Monday, December 13, 2021. Subsequently, a second vulnerability was announced due to an incomplete patch. Apache Log4j is java software widely used by many companies for logging purposes. It is often included or bundled with third-party software packages.
AsiaPac’s Response
The security of our customer’s safety is a top priority. In response to these vulnerabilities, AsiaPac has taken immediate action to proactively address any critical vulnerability affecting our services.
AsiaPac followed the guidance issued to all Log4j customers in addition to following our internal processes for investigation, analysis, and threat mitigation. AsiaPac will continue to remain vigilant regarding all aspects of this challenging and evolving situation.
AsiaPac is working with each of our customers directly to provide the necessary remediation actions as per our third party products and platforms. AsiaPac will undertake guidance and remediations with our third-party ecosystem to support them.
AsiaPac will continue to update this advisory as additional information becomes available and will provide answers to common questions below. This advisory should be considered the single source of current, up-to-date, authorized and accurate information from AsiaPac regarding our services.
Frequently Asked Questions (Updated December 15, 2021)
-
-
- 1. What remediation actions have been taken?
AsiaPac works closely with each of our customers directly to provide the necessary remediation actions as per the third-party products and platforms. AsiaPac will undertake guidance and remediations with our third-party ecosystem to support them.
- 1. What remediation actions have been taken?
-
-
-
- 2. What is the impact to AsiaPac’s business?
There is no impact to AsiaPac’s business at this time.
- 2. What is the impact to AsiaPac’s business?
-
-
-
- 3. How does AsiaPac protect its environment from potentially affected software?
Generally, AsiaPac does not disclose the details of its Cyber Security program. In response to this vulnerability, AsiaPac has followed the recommendations from Apache and the United States Cybersecurity and Infrastructure Agency. These actions also include patching and increased monitoring. Our security team and partners work 24×7 to protect AsiaPac.
- 3. How does AsiaPac protect its environment from potentially affected software?
-
-
-
- 4. Have AsiaPac’s suppliers and vendors been impacted by Log4j vulnerability?
AsiaPac is engaging with our supply chain and third-party partners to determine if any suppliers or vendors were impacted by this vulnerability.
- 4. Have AsiaPac’s suppliers and vendors been impacted by Log4j vulnerability?
-
-
-
- 5. How do I get help for Log4j vulnerability?
AsiaPac provides ICT solutions across Managed Infrastructure, Cloud and Enterprise Computing.
You may contact us for further assistance.
- 5. How do I get help for Log4j vulnerability?
-
For questions not covered in the FAQ, you may email your inquiry to cyber.response@asiapac.com.sg
Tags: Apache Log4j Vulnerability Guidance, Business Continuity, Cybersecurity, Deep Security, Endpoint Security, Mitigation,
Other blog posts you might be interested in:
Trending posts
- Why Singapore Businesses Need Managed IT Services in 2022
- AsiaPac is now an Authorized Apple Reseller in Singapore
- The Ultimate Cheat Sheet to Full Stack Monitoring
- AsiaPac Technology – M1 and SIM to train a pool of tech talents in Work-Study-Train programme for ICT polytechnic graduates
- What is Daas or Device as a Service?
- 7 Reasons Why Businesses Should Migrate Their IT Infrastructure to Microsoft Azure