Critical Infrastructure Security , Digital Identity , Endpoint Detection & Response (EDR)

A Structured Response to the Log4j Vulnerability

Ericsson Security Director Ian Keller on the Use of Native EDR Tools to Remediate Risks
Ian Keller, security director, Ericsson

"We came up with a structured, documented approach to respond to mitigating the Log4j vulnerability using the EDR scanning tools along with a code validation, containerization, and sandboxing of our applications and networks," says Ian Keller, security director at Ericsson.

See Also: Xi'an Jiaotong-Liverpool University Drives Pageviews with Cloudflare Performance

"I would advise security teams to use scanning tools native to their organization to identify the Log4j kind of vulnerabilities and zero-day gaps," he says.

In this interview with Information Security Media Group, Keller also discusses:

  • How his organization detected the widespread vulnerability;
  • A structured incidence response approach involving all functions in the vulnerability detection process;
  • Applying the security-by-design reliability model to analyze the vulnerabilities.

Keller, director of customer security at Ericsson, is an information security evangelist with over 30 years of experience. He started his career in the South African Defense Force's Combat School, where he served as an instructor in Army intelligence. Keller took this background into the corporate world and was instrumental in creating the global information security function for one of the country's Big Five banks. He subsequently was appointed as a chief information security officer for one of South Africa's leading corporate and merchant banks.


About the Author

Geetha Nandikotkur

Geetha Nandikotkur

Vice President - Conferences, Asia, Middle East and Africa, ISMG

Nandikotkur is an award-winning journalist with over 20 years of experience in newspapers, audiovisual media, magazines and research. She has an understanding of technology and business journalism and has moderated several roundtables and conferences, in addition to leading mentoring programs for the IT community. Prior to joining ISMG, Nandikotkur worked for 9.9 Media as a group editor for CIO & Leader, IT Next and CSO Forum.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.