Contact Support Login

REPORT: Rezilion’s Log4j Blindspots Research Analysis

The biggest challenge with Log4j lies in detection within packaged software in production environments: Java files (such as Log4j) can be nested a few layers deep into other files – which means that a shallow search for the file won’t find it.

To estimate how big this Log4j blindspot is, Rezilion’s vulnerability research team conducted a survey where multiple open source and commercial scanning tools were assessed against a dataset of packaged Java files where Log4j was nested and packaged in various formats, all commonly used by developers and IT teams.

Download this new research data to learn:

* Which scanners did better than others? Were any of the scanners able to detect all Log4j formats?

* Side-by-side scanner comparison matrix based on Rezilion’s original research.

* Considerations of Log4Shell within a production environment a development, CI/CD and staging environment.

© 2022 Rezilion. All Rights Reserved.