CrowdStrike continues to track and monitor the evolution of the Log4j vulnerabilities – collectively being referred to as “Log4Shell.” CrowdStrike will update this webpage and our customer Knowledge Base on the Log4j vulnerabilities, exploitation attempts and mitigation guidance.

Bookmark this page or sign up below to stay up-to-date on the Log4Shell vulnerability.

Log4Shell Resources

A curation of CrowdStrike's Log4Shell updates and resources including guides, tools, blog, and CrowdCasts.

Blog

OverWatch Exposes AQUATIC PANDA in Possession of Log4Shell Exploit Tools During Hands-on Intrusion Attempt

Learn how CrowdStrike Falcon® OverWatch's™ Rapid Notification Process disrupted AQUATIC PANDA.

Read Now

Blog

Baselining and Hunting Log4Shell with the CrowdStrike Falcon® Platform

Insight into what incident responders can do to help mitigate some threat surface as patching marches on.

Read Now

Blog

CrowdStrike Services Launches Log4j Quick Reference Guide

The CrowdStrike Services Log4j Quick Reference Guide (QRG) distills down the key insights that security teams need to respond effectively.

Read Now

On-demand CrowdCast

Threat Hunting Log4j Exploits with Falcon OverWatch

Gain insights you can use to kickstart your own threat hunting efforts.

Speakers: Michael Wylie, Senior Manager, Threat Response
Jessica Lee, Threat Response Analyst

Watch Now

What is Log4Shell? What Do You Need to Know?

CrowdStrike Intelligence shares the latest facts about Log4Shell and the ongoing attempts to exploit this vulnerability.

What is “Log4Shell” and why is it such a severe threat?

Read the CrowdStrike Intelligence team’s assessment of Log4Shell

Read Now

How can I learn more about Log4Shell?

Adam Meyers, CrowdStrike SVP of Intelligence, discusses what you need to know about this critical attack vector.

Watch Now

Learn how CrowdStrike protects against threats delivered via Log4Shell

CrowdStrike uses a multi-layered approach to protect our customers. Learn more about how the CrowdStrike Falcon® platform and the elite threat hunting of CrowdStrike Falcon® OverWatch provide powerful protection against threats delivered via this vulnerability to stop breaches.

"25 minutes. That's how long it took from an Overwatch alert to eradicating a Log4j exploit."
- Cybersecurity Leader of Specialty Retailer

BLOG

How CrowdStrike Protects Customers from Threats Delivered via Log4Shell
Learn how CrowdStrike continues to track and monitor the evolution of Log4Shell to deploy countermeasures and protect customers.

Read Blog

On-Demand CrowdCast

Log4j: A View from the Front Lines
Learn how CrowdStrike Services is helping solve challenges posed by the Log4j vulnerability

Watch Now

Free Targeted Log4j
Search Tool

The free CrowdStrike tool (dubbed the CrowdStrike Archive Scan Tool, or “CAST”) performs a targeted search by scanning a given set of directories for JAR, WAR, ZIP and EAR files, and then it performs a deeper scan on those file types matching against a known set of checksums for Log4j libraries.

Learn More

All Log4Shell Resources

Blogs
Guides
Tools
CrowdCasts

OverWatch Exposes AQUATIC PANDA in Possession of Log4Shell Exploit Tools During Hands-on Intrusion Attempt
Learn how CrowdStrike Falcon® OverWatch's™ Rapid Notification Process disrupted AQUATIC PANDA, a China-based targeted intrusion adversary.

Baselining and Hunting Log4Shell with the CrowdStrike Falcon® Platform
Insight into what incident responders can do to help mitigate some threat surface as patching marches on.

CrowdStrike Launches Free Targeted
Log4j Search Tool

Learn more about CrowdStrike's new community tool that can be used to quickly scan file systems looking for versions of the Log4j code libraries.

CrowdStrike Services Launches Log4j Quick Reference Guide (QRG)
Learn more about our Quick Reference Guide and the key insights that security teams need to respond effectively to Log4j.

How CrowdStrike Protects Customers from Threats Delivered via Log4Shell
Learn how CrowdStrike continues to track and monitor the evolution of Log4Shell to deploy countermeasures and protect customers.

Quick Reference Guide: Log4j Remote Code Execution Vulnerability
Version 7, updated December 29
The “CrowdStrike Services Log4j Quick Reference Guide” summarizes the latest key information about the Log4j vulnerability, based on insights gained from responding to real-world incidents.

CAST
(CrowdStrike Archive Scanning Tool)

CAST is a free community tool developed by CrowdStrike Services that performs a targeted search for Log4j libraries.

Insights from CrowdStrike Falcon® OverWatch Elite
On-Demand
Get a real-world view from the experts on the front lines and gain insights you can use to kickstart your own Log4j threat hunting efforts.

Log4j: A View From The Frontlines
On-Demand
CrowdStrike Services' James Perry and Matt Harvey share observations directly from the front lines of incident response and share information about how they are helping to solve some of the key challenges surrounding Log4j.

Log4j2 Zero-Day Vulnerability Update
On-Demand
CrowdStrike's SVP of Intelligence Adam Meyers examines the facts behind Log4Shell and discusses the actions you can take to protect yourself and your company.