Tenable Uses Sprocket Security For Log4J Research
Sprockets Research on Log4J is referenced at Tenable for one of their plugins.
From The Plugin
"A remote code execution vulnerability exists in Ubiquiti UniFi Network in the bundled Apache Log4j logging library. Apache Log4j is vulnerable due to insufficient protections on message lookup substitutions when dealing with user controlled input. A remote, unauthenticated attacker can exploit this, via a web request, to execute arbitrary code with the permission level of the running Java process."
Media Contact
Marketing,
Sprocket Security
marketing@sprocketsecurity.com
Continuous Human & Automated Security
The Expert-Driven Offensive
Security Platform
Continuously monitor your attack surface with advanced change detection. Upon change, testers and systems perform security testing. You are alerted and assisted in remediation efforts all contained in a single security application, the Sprocket Platform.
Expert-Driven Offensive Security Platform
- Attack Surface Management
- Continuous Penetration Testing
- Adversary Simulations