Our Vulnerability Management team is actively updating solution documentation as we learn more about Log4Shell. Rapid7 InsightVM customers can visit the Docs site today for the most current step-by-step instructions on detecting Log4Shell with specific scan templates and checks, as well as guidance on assessing the impact of the exploit.
Our Technical Teams have recorded walkthrough sessions to help customers address Log4Shell. On-demand recordings cover the information needed to successfully run scans for Log4Shell using InsightVM and identifying affected systems.
Rapid7’s Threat Detection & Response team has deployed several detection rules to identify attacker behavior related to Log4Shell. Please log in to InsightIDR to review both the detection rules and additional guidance to remain vigilant as we learn more about the vulnerability. You can find our guidance in the Announcement Center, under Product Updates.
Our team recently launched a new default Out of Band Attack Template that includes Log4Shell detection with InsightAppSec. In this blog, we offer step-by-step instructions to help you set up an attack to test for Log4Shell on your applications.
Our team recently launched a new App Firewall detection within tCell to help customers determine if any Log4Shell attack attempts have taken place. In this blog, we take a deep dive into the various ways tCell can help customers monitor for attacks, block exploit attempts, and identify vulnerable packages.
Rapid7’s infosec team has published a comprehensive blog detailing Log4Shell's impact on Rapid7 solutions and systems. At this time, we have not detected any successful Log4Shell exploit attempts in our systems or solutions. There is no action for most customers using our solutions. For those using on-premise solutions, this post outlines what action they need to take to ensure Log4Shell is fully remediated with respect to our solutions.