Vulnerability Management

Products

System & Network Scanning

Find vulnerabilities in your entire infrastructure

Web Application Scanning

Find vulnerabilities in your web apps and APIs

Phishing & Awareness Training

Increase resilience against social engineering

Distribution Options

Cloud

Efficient and secure in the cloud

On-premise

Installed in your infra with local storage

Professional services

Success Program

Let our experts help you become successful

Penetration testing

Automated pen-testing

PCI DSS compliance

Meet compliance demands

Vulnerability Management Platform

Holm Security VMP

Take your tour
Solutions

Business needs

Industries

Compliance

Resources
Customers
Pricing
Partner

Information

Partner solutions

About us
Login

Security Center

Organizer

Start your trial account

System & Network Scanning

Systems, IoT, OT, SCADA etc.

Web App Scanning

All web apps and APIs.

Phishing Simulation

Build your human firewall.
Delivery option

Cloud
Delivery option

On-premise
Start your trial account

Pen. testing

Premium support

PCI compliance

Solutions

Resources

Partner

Pricing

About us

Pen. testing

Premium support

PCI compliance

Solutions

Business needs
AWS (Amazon Web Services)
COVID-19
IoT (Internet of Things)
Microsoft Azure
MSSP, MSP & SP (Service Providers)
OT, ICS, SCADA & PLC
SIEM integration
Social Engineering
Threat Intelligence
VAPT
Work from Home (WFH)
Risk Posture & Assessment
Risk-based Vulnerability Management
Industries
Education
Energy sector
Healthcare
Municipality
Retail & e-commerce
Shipping & maritime
Compliance
GDPR
HIPAA
ISO/IEC 27001
NIS
OWASP top 10
PCI DSS
Personal Data Protection Act
Personal Data Protection Bill
PSD2 (Payment Service Directive 2)
RMiT
SOX

Resources

Webinars
Blog
Customers
Support pages

Partner

Information
Become a partner
Partner Solutions
MSSP Partner Program
Managed SaaS

Pricing

About us

Our story
Join us
Management Team
Board
Contact

RESOURCES

Log4Shell vulnerability resources

One out of ten systems might be affected by the critical Log4Shell vulnerability found in the Log4j version 2. Here you find our resources related to the Log4Shell vulnerability.

HELPDESK

How does Holm Security support detection of the Log4j (Log4Shell) vulnerability?

CVE-2021-44228 is a Remote Code Execution (RCE) vulnerability impacting Log4j version 2. The vulnerability is also known as Log4Shell.

Read article

HELPDESK

How do I scan for the Log4j vulnerability (Log4Shell)?

Watch this video for instructions on how to create a network scan profile for only detecting the Log4Shell vulnerability.

Watch video

RECORDED WEBINAR

How to detect & remediate the Log4j vulnerability

Watch this recorded webinar, featuring our CTO, Erik Torlén, and Mihail Lupan, Lead Security Engineer, to learn more about how organizations are affected by the Log4j vulnerability and how you can detect and remediate it. 

Watch the webinar to learn:

  • About the Log4j vulnerability and how it impacts your organization
  • How to find this vulnerability using Holm Security VMP
  • Demonstration in Security Center
  • Q&A session
Watch now

BUSINESS NEEDS

All about the Log4Shell vulnerability

As much as one out of ten systems might be affected by the critical Log4Shell vulnerability found in the Log4j version 2. The Log4shell vulnerability could be used to initiate a ransomware attack.

Read more

RESOURCES

List of affected software by the Log4Shell vulnerability

Zyxware Technologies has published a list of software affected by Log4Shell. Find the list of vendors and software on Zyxware Technologies website (external link).

Go to software list

BLOG ARTICLE

How to remediate the Log4j 2 vulnerability

On Friday the 10th of December, a new widespread vulnerability impacting the Apache Log4j version 2 library (CVE-2021-44228) was detected and has gotten much global attention over the weekend. Due to the nature of this vulnerability, it can exist on any operating system and provides the ability for hackers to gain access to arbitrary code. Therefore, it's crucial for organizations to have the correct tools and processes to ensure their infrastructure is secure.

Read article