Platform
Akeyless Vault Platform
Secrets Management
Secrets Store Credential Rotation Just-in-Time Credentials Secure Kubernetes Secrets Secrets Sharing Short-lived SSH Certificates PKI as a Service Integrations
Platform Extensions
Encryption & KMS
Multi-Cloud KMS (BYOK) Encryption & Tokenization Database & Disk Encryption
Secure Remote Access
Secretless Developer Access Third Party Access Just-In-Time Zero Trust Access Secure Web Access
Password Management
Password Sharing Password Manager
Securing Secrets at Scale Learn how to stop Secrets Sprawl Download the eBook
Pricing
Learn
Blog
Glossary
Technical Docs
Resource Library
DevSec Podcast
Company
About Us
News
Careers
Auditing & Compliance
Partners
Why Partner with Us
Become a Partner
Register a Deal
Partner Portal
KeyConf
Contact Us
Back

The Log4j Vulnerability

Posted by Miryam Brand
December 16, 2021

Executive summary: The Akeyless Vault Platform is not impacted by the log4j vulnerability

Recently, a zero-day vulnerability (CVE-2021-44228) was discovered in the popular Apache Log4j logging library, which could allow an attacker full remote code execution.

Many enterprise apps and cloud services use this common logging library. Apache has since released a security update and provided recommended configurations for earlier versions that mitigate the vulnerability’s impact. We strongly encourage security and dev teams to analyze their use of the tool and update immediately, if they haven’t already done so.

Akeyless’ security teams validated the platform code and processes, and confirm that this vulnerability does not affect our platform, throughout the entire software supply chain.

As part of Akeyless SOC 2 Type II and ISO27001:2013 compliance, Akeyless has established a process to promptly validate the effect of any vulnerability, just like this log4j issue.

For more details on how Akeyless secures the Vault Platform, and our customers, visit akeyless.io/trust-center.

Recent Posts

See the Akeyless Vault Platform in Action

Close