How Fairwinds Insights Can Help You Identify log4j Container Vulnerabilities
Written By: Robert Brennan
The zero-day vulnerability known as log4j has been described as one of the most serious security issues in recent years, allowing attackers to remotely execute code and gain access to machines. Not only is log4j simple to take advantage of, but its ubiquitous nature means it has been embedded in a vast array of applications, services and software tools, and it has been employed by bad actors around the world.
As we wrapped 2021, a lot of time was being spent determining whether infrastructure was affected. You can read Fairwinds’ statement on our open source tooling and Insights platform here.
Identifying Container Vulnerabilities
If you are a Kubernetes user and need to understand whether log4j container vulnerabilities are present in your environment, Fairwinds can help. Fairwinds Insights is guardrails and governance software that allows teams responsible for Kubernetes to identify container vulnerabilities and that suggests remediation advice.
Fairwinds Insights will scan your containers against known CVEs including log4j. If a container is at risk, Insights will create an Action Item.
You can see the details for the containers that are affected as well as the severity, which in this case is critical. Users can then upgrade to the latest fixed version. Insights will continuously scan to identify further log4j vulnerabilities (amongst others).
Team leaders can use Fairwinds Insights to monitor the health of containers across teams and multiple clusters.
Kubernetes Security & Fairwinds Insights: Get Started
You can trial Fairwinds Insights today to help your team identify log4j container vulnerabilities. You’ll need to request a trial here. You’ll confirm your email, set up a new organization and then be able to add clusters and coworkers to the organization.
There are three ways to connect with Fairwinds Insights:
- The Continuous Integration feature can report on issues during pull requests by scanning your infrastructure-as-code
- The Admission Controller blocks resources with severe issues from entering your cluster
- The In-Cluster Agent reports on issues with resources that have been deployed to your clusters
The fastest way to identify log4j container vulnerabilities is to install the in-cluster agent. You can read more about this in the Fairwinds Insights documentation.
Don’t let your containers catch you out. Use Fairwinds Insights to ensure Kubernetes security.