LOG4J vulnerability and Anaplan

michael.chefer
Contributor
1 ACCEPTED SOLUTION

Accepted Solutions
michael.chefer
Contributor

Re: LOG4J vulnerability and Anaplan

 

I heard back from support and here is what they said regarding eh vulnerability. 

 

"Our Engineering and Level 3 teams are actively investigating this issue. Please find the latest response below: 
 
Please note that this situation is evolving and we continue to adapt as it unfolds.  Anaplan has a two-pronged approach to deal with this vulnerability.  First, we have updated instances of Log4j throughout the Production environment.  In addition, Anaplan uses host-based security monitoring and alerting on each server.  The solution vendor has already issued Log4j-specific monitoring and we have implemented it on all hosts.  We have not seen any indications of compromise, and we continue to closely monitor the environment. "

View solution in original post

1 REPLY 1
michael.chefer
Contributor

Re: LOG4J vulnerability and Anaplan

 

I heard back from support and here is what they said regarding eh vulnerability. 

 

"Our Engineering and Level 3 teams are actively investigating this issue. Please find the latest response below: 
 
Please note that this situation is evolving and we continue to adapt as it unfolds.  Anaplan has a two-pronged approach to deal with this vulnerability.  First, we have updated instances of Log4j throughout the Production environment.  In addition, Anaplan uses host-based security monitoring and alerting on each server.  The solution vendor has already issued Log4j-specific monitoring and we have implemented it on all hosts.  We have not seen any indications of compromise, and we continue to closely monitor the environment. "

View solution in original post