Security News > 2023 > June > The Log4j vulnerability – how can we all do better next time?

"Log4j was a wakeup call for many people about how technology is structured and how it is used," he explains.

Once they spot a zero-day vulnerability, attackers need to figure out how best to maximise their returns from it, safe in the knowledge that no defence lies between them and their malicious objectives.

There will always be an inherent difference between how a user behaves and how an attacker behaves.

Once the Darktrace software has learnt how legitimate users are using a network, it has an opportunity to spot when someone is on the network who shouldn't be there.

It's a powerful tool that gives defenders a much better understanding of how they are exposed to potential wrongdoing, says Lewis.

It remains absolutely vital for organisations to realise how one compromised user can lead to compromise in other parts of the estate however: "Attackers will look to jump from one platform to the next, identifying critical pathways through environments that give them the least possible resistance," he adds.

News URL

https://go.theregister.com/feed/www.theregister.com/2023/06/22/the_log4j_vulnerability_how_can/