ThreatMapper VS Log4jAttackSurface

Though the Reddit-Mod war has delivered another excellent find. well several actually, but the one I'm posting now is called "Threat Mapper". Its a security scanner, will a fantastic UI, and works across most infrastructure... including VMs, Containers and the main Cloud Providers..

https://github.com/deepfence/ThreatMapper

If you like Wiz.io but don't have a million dollars or so lying around, I'm finding the community edition of Deepfence (https://deepfence.io/) pretty good.

Magpie https://github.com/openraven/magpie ThreatMapper https://github.com/deepfence/ThreatMapper Cloudquery https://github.com/cloudquery/cloudquery

Company: https://deepfence.io

And deepfence.imo for vurnalbility scans https://github.com/deepfence/ThreatMapper

ThreatMapper is an option for your team member, particularly if you're looking to scan Kubernetes or Fargate environments as the installation is very easy. It's a little more complex for hosts (you need to install a docker runtime on each to run the sensor locally), but should be worth any additional trouble. The GUI gives you a map of workloads, traffic flows, vulnerabilities found on each workload and host, and which are highest risk.

Full disclosure - I work for an open source project called ThreatMapper that performs run-time vulnerability scanning and anything you say might be used to make the project better - thank you!

Checkout this link for knowing Log4j impact on manufacturers https://github.com/YfryTchsGD/Log4jAttackSurface

Just look at the currently ongoing insanity that is the log4j exploit, and how one single exploit has lead to a generic attack that can impact tons of companies. Imagine if a state decided to use voting machines, and someone found this style of exploit in the system.

Last week (Dec 9th) a major vulnerability was discovered in an open source logging project for Java called log4j. The vulnerability called Log4Shell would allow anyone to remotely run arbitrary code if they sent a message in the right format to the server. This is one of the worst attacks your system can be susceptible to and if you are interested in the technical details of the problem, here is an overview. The attack surface of Log4Shell is staggering, Amazon, Apple, Google, and the Apache Server are affected; it can almost not get bigger than this. We will see the real fallout of Log4Shell in the next weeks and months as right now servers worldwide are being scanned and prodded for this vulnerability.

Companies should verify they are not running any exposed Log4j Java code.  Here is a list of impacted 3rd party software for your reference.  If you find a server at risk, there are three potential ways to fix it as follows.

Looking for vendors/software on known lists like https://github.com/YfryTchsGD/Log4jAttackSurface

Blender ist nicht betroffen, #42

It does and was also affected by log4j.

Thanks, sure it isn't complete but it does contain some scary and surprising (at least when first reading, of course the really aren't) things like: https://github.com/YfryTchsGD/Log4jAttackSurface/blob/master/pages/UniFi.md

Apparently there's proof Steam along with many others are vulnerable.