Since the Log4Shell vulnerability became public, companies have been working quickly to fix vulnerabilities in their own systems while also scrutinizing their application portfolio to understand their overall exposure.
To assist LeanIX customers on this front, our team of researchers continue to collect information on the remediation efforts of the top 20 SaaS vendors used by our customers. We publish the information collected in LeanIX's SaaS Catalog, which is available to LeanIX APM customers.
Our dedicated team of researchers keeps the SaaS catalog up to date with accurate information on a wide range of SaaS applications. This information includes application description, product category, SSO, hosting, and so on.
Using the SaaS Catalog, customers can quickly determine, on a daily basis, the Log4Shell remediation status for specific SaaS applications. The catalog also provides links to sites and posts where SaaS application providers have published information on the vulnerability, along with any additional information about the vulnerability we find.
LeanIX APM customers who have enabled the “SaaS Catalog” or “SaaS Discovery” feature can access this information in several ways.
We catalogued Log4Shell remediation data for over 200+ SaaS Applications. In the process we found that most vendors continue to work diligently to remediate this vulnerability as it evolves.
We also found the following regarding Microsoft and Oracle: