Sirion’s Cybersecurity Capabilities and Posture Remain Strong
- 15 min read
- ADITYA GUPTA
Introduction
According to the MIT Technology Review, cyberattacks that leveraged zero-day exploits hit a new peak in 2021, increasing almost 100 percent year-over-year. While the threat actors behind these attacks have ranged from state-sponsored hackers to private groups, their targets have been far less obvious with significant fallout damage for software users, especially large enterprises.
For example, last year, Microsoft announced that it had detected several zero-day exploits being used to attack on-premises versions of Microsoft Exchange Server to access on-premises Exchange servers which offered a backdoor to email accounts and allowed installation of additional malware. Here we take a look at the impact of the Log4j Exploit and take you through Sirion’s cybersecurity posture and specific measures to mitigate such attacks.
Assessing the Wider Impact of the Log4j Exploit
While it is hard to estimate the damage caused by such attacks in terms of an exact dollar figure, it is safe to assume that zero-day vulnerabilities harm SaaS businesses in more ways than just one. Straight off the bat, it compromises data security, which in turn could lead to regulatory issues and loss of faith among customers.
The Log4j exploit is the latest among zero-day vulnerabilities that is estimated to have far-reaching effects on enterprise software users. According to researchers, this recently discovered vulnerability in the widely used Java logging library Apache Log4j (versions 2.0 to 2.14.1) allows attackers to gain full control of affected servers and enables unauthenticated remote code execution. Given how extensively Java developers use the Log4j library to build enterprise applications and services, infosec agencies and specialists such as Cybersecurity & Infrastructure Security Agency (CISA), FireEye, LunaSec, and Randori have recommended that all organizations “adopt an assumed breach mentality and review logs for impacted applications for unusual activity.”
Securing Sirion’s Infrastructure and strengthening the cybersecurity capabilities to counter the Log4j Exploit points
For our customers, Sirion’s contract lifecycle management (CLM) platform is a key strategic enabler as well as a storehouse of sensitive mission-critical data. Since the announcement on 10 December 2021, our infosec, engineering, and product teams have worked around the clock to identify platform technology components that use the Log4j library; and have rapidly taken all necessary mitigation and remediation steps to ensure that Sirion remains as impregnable as ever.
Our lightning-fast response to the Log4j issue can be largely attributed to the maturity of Sirion’s software development lifecycle (SDLC) and our continued focus on maintaining a single code base for our platform. Our mature SDLC model enabled tight alignment and seamless handoffs between developers, designers, and product managers who worked together to plan, prototype, test, and deploy critical security fixes in record time. In addition, our unified codebase helped us ensure that the fixes were rolled out globally across all customer installations at the same time.
At Sirion, we have addressed the Log4j vulnerability by:
- Implementing a defensive system and making necessary environment variable changes.
- Taking immediate mitigation measures to prevent any attempt to exploit the Log4j vulnerability.
- Performing extensive internal testing using canary tokens.
- Auditing and validating security tools.
- Updating the existing version of Log4j library to the latest version across all deployments.
We also completed an internal security assessment and concluded that Sirion and its customers were not impacted by this vulnerability. Our customer success and professional services teams also played a key role in reassuring all our valued customers that their data continued to remain secure within the Sirion CLM platform.
Improving Our InfoSec Roadmap and Cybersecurity Posture, Continuously
Zero-day exploits such as Log4j are neither the first nor the last cybersecurity threats that will emerge over the course of the coming years. As a result, our team at Sirion will continue to remain ever vigilant, keep an ear to the ground, and continue to strengthen our platform’s monitoring and security infrastructure to try and stay one step ahead of future security exploits.