The immediate focus on Log4j was on the IT side of the business. However, the IoT side can be even worse. Consider how many embedded systems use Java and are not easily discovered and patched via remote management tools. Those cases mean dispatching teams all over the world to react to Log4j – to physically go patch devices – and remain vulnerable in the interim.
Prior to Log4j, leaders like TOOQ announced they secure their IoT analytics app with NetFoundry, and leaders like Capgemini and Arm announced this autonomous vehicle zero trust security solution with NetFoundry. The TOOQ IoT solution uses Nvidia Jetson devices, and the Arm/Capgemini/NetFoundry solution uses AWS Greengrass. AWS Greengrass uses Log4j – it was therefore vulnerable – but not for businesses that proactively secured with the Arm/Capgemini/NetFoundry solution. Putting this together into one picture:
In that picture we can easily see how businesses who choose to proactively secure their environments with NetFoundry were protected from the Log4j issues inside AWS Greengrass, and any future vulnerability, for example in other software on the Nvidia Jetson devices. Jetson and AWS Greengrass are both terrific IoT solutions. Adding the Ziti endpoint (via SDK, container or VM) helps their IoT solutions be secure by ensuring they can’t be reached from the networks. You can dive into the detail in this Zero Trust whitepaper to learn how to secure all your assets from network attacks, proactively, making the next Log4j into a non-event for your business, including securing your AWS Greengrass environments.
For those not yet familiar, Log4j disrupted businesses to an unprecedented extent. The CVE is a severity 10 (the highest possible severity). Any device that’s exposed to networks is potentially at risk if it’s running Java, because an estimated 90% of Java software uses Log4j.
Yet, Log4j was a non-event for businesses who leveraged NetFoundry to secure their IT and IoT environments, including solutions leveraging AWS Greengrass and Nvidia Jetson. Was Log4j neutered because NetFoundry runs magical AI-enhanced algorithms which detected the vulnerability in quasi real time and were able to magically patch thousands of systems in quasi real time? No. It is because businesses use NetFoundry to proactively secure their environments from all network-initiated attacks – these businesses proactively make their environments unreachable from the networks.
This proactive security stance means these businesses are protected from known and unknown vulnerabilities. Log4j and the next Log4j. The businesses still patch the vulnerabilities as they are discovered – but the businesses can perform the patches as part of regular operations – rather than as an emergency fire drill – saving almost unmeasurable amounts of time, cost and opportunity cost. You can dive into the detail in this Zero Trust whitepaper to learn how to secure all your assets from network attacks, proactively, making the next Log4j into a non-event for your business, including both IT and IoT environments.