Nylas quickly protects against the Log4j vulnerability using Lacework

Nylas is a communications API platform that helps developers quickly and securely build email, scheduling, and work automation features directly into their applications. They have a multicloud environment, operating on both Amazon Web Services (AWS) and Google Cloud, and use a mix of containerized and non-containerized services. When Log4j was disclosed, they turned to Lacework.

With Lacework, Nylas quickly determined that the vulnerable library wasn’t present across their hosts and that their customers weren’t affected. Then, while impacted vendors patched their own services, Nylas continued to rely on Lacework to monitor their environment for potential exploit activity.

The case study highlights how Nylas used Lacework to:
  • Scan thousands of hosts within one hour after the CVE was disclosed
  • Monitor for suspicious activity and anomalies with continuous and complete visibility
  • Confirm that their exposure was limited and quickly relay that to their own customers


 

Related Resources

Cloud Threat Hunting Assessment
Free 14-Day Cloud Threat Hunting Assessment
eBook
Cloud Security Automation For Dummies®