At Randori, our mission is to arm defenders with the attacker’s perspective. As such, we compiled a report that outlines the most “attackable” targets (aka the most interesting internet-exposed application) affected by Log4j.
While some felt massive blowback from Log4j exposures on their attack surfaces, others managed to weather the storm without major incident. By understanding how attackers choose what assets to go after during such exposures, defenders can help put their company in the latter category.
In the report you’ll learn: