Solutions Granted, a Top 250 MSSP and master MSSP, has integrated Coda Intelligence vulnerability management capabilities into its portfolio. In doing so, Solutions Granted customers and partners can use the Coda Footprint platform for counter-threat intelligence, red teaming and continuous vulnerability management, according to a prepared statement.
Coda Footprint identifies and prioritizes cyberattack kill chains, Coda indicated. It leverages machine learning algorithms to score vulnerabilities and build contextual risk scores.
Furthermore, Coda Footprint leverages the National Institute of Standards and Technology (NIST) common vulnerabilities and exposures (CVE) database to help organizations identify vulnerabilities across Windows endpoints, Coda VP of Threat Operations Cory Clark noted. If vulnerabilities are discovered, Coda Footprint ensures organizations' endpoints are properly secured.
Coda Offers Free Access to Log4J Detection Engines to MSSPs, MSP
Along with partnering with Solutions Granted, Coda is providing free access to its Log4J detection engines to MSSPs and MSPs. That way, MSSPs and MSPs can use these engines to accelerate Log4Shell vulnerability detection and remediation, the company said.
Coda's Log4J detection engines can detect vulnerable Log4J components deployed in IT environments, the company noted. They leverage agentless scanners that trigger neutralized payloads to identify vulnerable Log4J components.
Furthermore, the detection engines allow organizations to find out if a Java package is vulnerable to Log4Shell, Coda indicated. To do so, organizations can upload .jar, .war or .ear files and have them checked against Log4J and determine if vulnerable versions of Apache software are present.
Details emerged about the Apache Log4J software vulnerability in December 2021. The Cybersecurity and Infrastructure Security Agency (CISA) has called Log4J a "severe risk" and offered guidance to patch the vulnerability and address Log4Shell attacks. In addition, Cybereason and other cybersecurity companies have released Log4J fixes.