Log4j (aka "Log4Shell") Resource Center

We’re here to help.

Get in touch Read the Log4j Threat Analysis

Threat Briefings
Unit 42 Analysis
Resources
Assessments

Live and On-Demand Threat Briefings

Threat briefings to keep you up to date on the latest best practices for responding to Log4j

WEBINAR
Unit 42 Log4j Threat Briefing

Bradley Duncan

On-demand

1 hour
WEBINAR
Top Questions Your C-Suite and Board Will Ask About Log4j

Tim Erridge, David Faraone, and LeeAnne Pelzer

Jan 11, 08:00 AM PST

Unit 42 Log4j Threat Analysis

With over 360,000 readers consuming our initial threat analysis of Log4j, the Unit 42 Threat Intelligence team continues to publish factual information on best practices for your mitigations, as well as research on exploits we've seen targeting Log4Shell.

Read the Log4j Threat Analysis

How Palo Alto Networks Customers Are Protected

Palo Alto Networks customers are protected from attacks exploiting the Apache Log4j remote code execution (RCE) vulnerability. In addition, we offer a number of solutions to help identify affected applications and incident response if needed. Here’s how we help:

Blocking the Exploit: To give you time while your teams patch the vulnerabilities, Palo Alto Networks customers are protected by our Next-Generation Firewalls (PA-Series, VM-Series and CN-Series) or Prisma Access with a Threat Prevention security subscription, Cortex® XDR™ and Prisma® Cloud.
Incident Scoping: Palo Alto Networks can help provide this visibility using Prisma Cloud, Cortex XSOAR and Cortex Xpanse.
Incident Response: Our IR services can help companies of any size investigate and remediate potential threat actor activity.

LOG4SHELL RESOURCES

See all documents

Portfolio

BLOG

The Palo Alto Networks Full-Court Defense for Apache Log4j

Read blog

Strata

BLOG

Addressing Apache Log4j Vulnerability with NGFW and Cloud-Delivered Security Services

Read blog

Prisma

BLOG

Update: Prisma Cloud Addresses Log4Shell: CVE-2021-44228, CVE-2021-45046 Mitigations

Read blog

Cortex

BLOG

Managing Apache Log4j on Your Attack Surface with Cortex Xpanse

Read blog

Unit 42

BLOG

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228)

Read blog

See all documents

ASSESS & RESPOND

Unit 42 Log4Shell Compromise Assessment

Assess your exposure, investigate and remediate.

Learn more

Get Log4j Response Support

If you suspect you may be impacted by the Log4j vulnerability, fill out the form to get in touch with the Unit 42 Incident Response team. If you have a cyber insurance provider or legal counsel, you can request Unit 42 by name to help you investigate this matter.

You agree that the assessment shall be subject to the Palo Alto Networks End User Agreement and Professional Services Agreement. View our Privacy Statement.

Log4j (aka "Log4Shell") Resource Center

Threat briefings to keep you up to date on the latest best practices for responding to Log4j

Unit 42 Log4j Threat Briefing

Top Questions Your C-Suite and Board Will Ask About Log4j

Unit 42 Log4j Threat Analysis

How Palo Alto Networks Customers Are Protected

The Palo Alto Networks Full-Court Defense for Apache Log4j

Addressing Apache Log4j Vulnerability with NGFW and Cloud-Delivered Security Services

Update: Prisma Cloud Addresses Log4Shell: CVE-2021-44228, CVE-2021-45046 Mitigations

Managing Apache Log4j on Your Attack Surface with Cortex Xpanse

Another Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228)

Unit 42 Log4Shell Compromise Assessment

Get Log4j Response Support

Get the latest news, invites to events and threat alerts

Popular Resources

Legal Notices

Popular Links