Posts

Showing posts from January, 2022

Slay the Log4Shell Dragon TEAM 2 - Hunt and Detect Attacks Playbook

Slay the Log4Shell Dragon Playbook TEAM 2 – Hunt and Respond Playbook

Struggling with how to tackle the Log4J / Log4Shell Dragon and low on resources? First, as I've said before, start with my “RAPID LOG4SHELL RESPONSE 1-PAGE CHECKLIST” to begin immediate actions to tackle this issue. In that 1-pager, I provide concise guidance to get started quickly. However, for medium and larger sized companies, this approach might not be enough, although it is a great and immediate start. Simply patching alone will likely not meet the expectations in the case of the Log4J / Log4Shell vulnerabilities, if there is a breach. A more comprehensive approach is required to reduce risk. I’ve therefore put this playbook together to help go above and beyond just a patching-based approach and hope it proves useful. My goal was to provide something that would help ensure a high enough level of due diligence for risk reduction of this issue. In this article I’ll provide a TEAM 2 PLAYBOOK o

Slay the Log4Shell Dragon TEAM 1 - Protect and Detect Vulns Playbook

Slay the Log4Shell Dragon Part 2A - TEAM 1 - Immediate Protection and Detection

Struggling with how to tackle the Log4J / Log4Shell Dragon and low on resources? First, start with my “RAPID LOG4SHELL RESPONSE 1-PAGER - 8 STEP CHECKLIST” to begin immediate actions to tackle this issue. In that 1-pager, I provide concise guidance to get started quickly. However, for medium and larger sized companies, this approach might not be enough, although it is a great and immediate start. Simply patching alone will likely not meet the expectations in the case of the Log4J / Log4Shell vulnerabilities, if there is a breach. A more comprehensive approach is required to reduce risk. I’ve therefore put this playbook together to help go above and beyond just a patching-based approach and hope it proves useful. My goal was to provide something that would help ensure a high enough level of due diligence for risk reduction of this issue. In this article I’ll provide a TEAM 1 PLAYBOOK of recomm