Mitigating and Detecting Log4Shell: Rapid7 Customer Resources

Customer Documentation: Scan for Log4Shell with InsightVM

Our Vulnerability Management team is actively updating solution documentation as we learn more about Log4Shell. Rapid7 InsightVM customers can visit the Docs site today for the most current step-by-step instructions on detecting Log4Shell with specific scan templates and checks, as well as guidance on assessing the impact of the exploit.

Scan for Log4Shell with InsightVM

On-Demand Webcasts: Learn How to Scan for Log4Shell with InsightVM

Our Technical Teams have recorded walkthrough sessions to help customers address Log4Shell. On-demand recordings cover the information needed to successfully run scans for Log4Shell using InsightVM and identifying affected systems.

Watch On-Demand Webcasts

Detect and Respond to Log4Shell with InsightIDR

Rapid7’s Threat Detection & Response team has deployed several detection rules to identify attacker behavior related to Log4Shell. Please log in to InsightIDR to review both the detection rules and additional guidance to remain vigilant as we learn more about the vulnerability. You can find our guidance in the Announcement Center, under Product Updates.

Detect and Respond to Log4Shell with InsightIDR

Scan Your Apps For Log4Shell

Our team recently launched a new default Out of Band Attack Template that includes Log4Shell detection with InsightAppSec. In this blog, we offer step-by-step instructions to help you set up an attack to test for Log4Shell on your applications.

Test for Log4Shell with InsightAppSec Using New Functionality

Protecting Applications Against Log4Shell With tCell

Our team recently launched a new App Firewall detection within tCell to help customers determine if any Log4Shell attack attempts have taken place. In this blog, we take a deep dive into the various ways tCell can help customers monitor for attacks, block exploit attempts, and identify vulnerable packages.

Protect Applications from Log4Shell with tCell

Update on Log4Shell’s Impact on Rapid7 Solutions and Systems

Rapid7’s infosec team has published a comprehensive blog detailing Log4Shell's impact on Rapid7 solutions and systems. At this time, we have not detected any successful Log4Shell exploit attempts in our systems or solutions. There is no action for most customers using our solutions. For those using on-premise solutions, this post outlines what action they need to take to ensure Log4Shell is fully remediated with respect to our solutions.

Review Log4Shell's Impact on Rapid7 Solutions