Trinity Cyber’s Protections Insulate Customers Against High-Profile Log4j

12/22/21

Trinity Cyber has protections in place to insulate its customers against the high-profile Log4j vulnerability (CVE-2021-44228) that is being widely exploited by a growing number of threat actors.

• Trinity Cyber’s core technology is not vulnerable to Log4j exploits. We do not employ the affected library in any of our direct systems, so customer data moving through Trinity Cyber is not vulnerable to Log4j exploitation based upon their assessment of the threat surface. Trinity Cyber is constantly monitoring variations of the exploit and will update this information as needed.

• To protect customers and their environments, Trinity Cyber's active gateway technology is performing two important functions. It is actively protecting customers from inbound Log4j exploitation and passively looking for new mutations. These two functions prevent inbound Log4j exploits by closing network sessions and actively hunts for and discover new methods of using and obfuscating this exploit. Trinity Cyber was monitoring their systems throughout last weekend and are actively and continuously tracking variations of the vulnerability to provide ongoing protection for their customers.

While many others were scrambling over the past weekend to monitor and/or patch critical systems, Trinity Cyber’s customers were actively protected from any attempt to leverage this vulnerability. Their preventive solution was in place by Friday afternoon. Rapid countermeasure deployment and the awesome virtual patching capabilities of Trinity Cyber’s technology meant that their customers were protected and that they could rollout a more relaxed patch cycle while knowing that their systems were protected.

If you have any questions about this exploit or Trinity Cyber’s capabilities, please feel free to reach out to pete.forno@trinitycyber.com or via the company email at info@trinitycyber.com.