Company

About Us

Achieving your business goals—that’s what we believe in. Difenda’s value-driven approach to cybersecurity puts your success first, without compromise.

Partners

Our partners benefit from the ability to provide their customers with a complete end-to-end services. Partners have 24×7 access to sales tools, marketing resources, training programs, and certifications through our partner portal.

Careers

Learn about our #peoplefirst culture and what it means to be a Difender. Join our mission to relentlessly ‘DIFEND’ our customers and deliver measurable cyber security outcomes.

Leadership

Our leadership team is comprised of savvy business leaders and security industry experts, bringing years of experience together to create security solutions that just work.

Resource Center

View our cybersecurity resource center to learn about protecting your organization.

Contact Us

We’re here to help and answer any questions you might have. We look forward to hearing from you!

Cyber Resources

Contact Us

Featured

Learn More

Difenda Shield

Difenda Shield

Difenda Shield is an integrated cybersecurity suite of modules that gives companies the tools they need to stay vigilant, agile, and collaborative.

Managed SIEM

Extend, simplify, and centralize your security visibility while automating advanced threat detection using the managed SIEM solutions.

MXDR for IT

Break through visibility barriers for improved security resiliency. Difenda MXDR closely integrates Microsoft 365 Defender, Microsoft Defender for Cloud and Microsoft Sentinel with 24/7/365 advanced threat hunting and detection for a unified SecOps environment.

Managed Endpoint Detection and Response

Difenda Managed EDR minimizes the gap between speed of compromise and speed of detection with proactive threat hunting and incident response services, reducing attacker dwell time and mitigating the potential impact of a breach.

MXDR for OT

MXDR for OT offers a turn-key agentless extended detection and response (XDR) that is rapidly deployed, works with diverse endpoints, IoT, OT, and industrial control system (ICS) devices.

Managed Cloud TDR

Defend cloud applications and database infrastructure from account compromise, insider threats, and access misuse. Keep your cloud environment safe and secure with built-in defense from your business environment to the Azure Cloud Platform.

AVM

Difenda AVM continuously monitors, detects and helps provide guidance on remediation items and configuration issues, minimizing the window of opportunity for attackers.

Managed Email TDR

Get peace of mind when it comes to data protection. Keep business communications safe and secure by automatically filtering your entire email network from phishing emails and online threats in minutes.

Incident Response

With proactive ransomware mitigation support, ransomware attack response services and digital forensics services, you will be back to business as fast as possible.

Cyber Resources

Contact Us

Featured

Microsoft Copilot Checklist

Professional Services

Advisory Services

Discover actionable steps to improve your cybersecurity posture. Gain efficiency in the short-term and build towards a long-term security infrastructure that can scale.

Offensive Security

We combine human expertise with sophisticated tools, proven methodologies and threat intelligence to ensure a thorough, in-depth approach to security testing and assessments.

Professional Services

We help you in designing and deploying Microsoft security technologies for your unique needs.

Workshops

Assess your security posture and create a personalized timeline for mitigation of potential threats.

Managed Services

Extend your ability to defend and manage with our extensive portfolio of managed services.

Difenda Works

Machine Identity Management integration with Venafi and ServiceNow.

Cyber Resources

Contact Us

Industries

Education

Graduate to a modern security program.

Manufacturing

Protect operational continuity to deliver your product or service.

Finance

Coming soon.

Healthcare

Coming soon.
Blog Home /
 Blog

Blog

Threat Advisory: Critical Apache Log4j Vulnerability

by

Jan 10, 2022

About the Threat  

On December 9th, the most critical zero-day exploit in recent years was discovered affecting most of the biggest enterprise companies impacting the Apache Log4j Java-based logging library. This vulnerability is also known as CVE-2021-44228 which has a CVSS (Common Vulnerability Scoring System) score of 10, which is the highest risk possible; the exploitation will allow a remote and unauthenticated threat actor to take control of systems with vulnerable versions of Apache Log4j. 

Know The Threats That Matter Right Now: Subscribe to receive insider threat intelligence from Difenda’s front line security analysts in our 24/7/365 SOC.

Actions Being Taken by Difenda 

  • Difenda is conducting threat hunting activities in effort to identify exploit patterns. As additional intelligence is discovered these hunts are being enhanced and replayed to ensure we are providing up-to-date detections.
  • Difenda SecOps and RIR teams are working around the clock to stay on top of the emerging Log4j attacks worldwide, as this is an evolving situation.
  • At the time of this reporting, Difenda has not identified an impact to our products. However, our teams are thoroughly reviewing systems and will be taking appropriate action as needed. We will provide additional updates here on new information and protection details as it becomes available. Further guidance will be provided as we continue to learn more from our investigations. 

Mitigation or Remediation Actions You Can Take  

  • It is critical to determine where the Apache Log4j software may be in use within your environment and apply the patch by updating to version 2.15.0 immediately on these systems.
  • If patching is not possible at this time, there are several workarounds available to help mitigate the potential impact of this vulnerability.
  • Microsoft has documented several workarounds available for most Log4j deployments, as well as mitigations applicable to Microsoft technologies that are leveraging these features. Details from Microsoft can be found at the link below: 
    https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
  • Ensure all firewall and IPS system systems in-place are up-to-date with the latest detection signatures, and are configured appropriately to block these events when detected.
  • Follow and review vendor advisories as many 3rd party software vendors also utilize the Log4j application within their software and services.
  • If you believe your system may have been compromised or otherwise affected by this vulnerability, please contact the Difenda team immediately. 

 

About Difenda

Difenda is a privately held SecOps-as-a-Service company founded in 2008. It delivers 24/7/365 security operations backed by modernized PCI, SOC 2 Type II, and ISO 27001 certified Cyber Command Centers (C3). Difenda’s managed practice is powered solely on the Microsoft Security product platform and it holds the Gold Security Service Provider certification and an Advanced Specialization in Threat Protection with Microsoft. Alongside a fully integrated, modular platform, it provides a range of advisory and offensive security services to complement customer driven outcomes.

Our Microsoft Security Services
Explore