Is it just me or is the announcement of a significant CVE becoming a holiday tradition? Discovered on December 9, 2021 by Minecraft players, the Apache Log4Shell vulnerability is a uniquely insidious because it infects servers which are traditionally well insulated from attacks and perceived as unreachable by an intruder and not at risk for CVEs. Log4Shell is an entirely different can of works that proves this assumption wrong.

Editor's Note: As leader of our customer success team, Yadhu works directly with our users and their leadership to solve real-world technology problems. This blog is the first of a new series featuring how our customers are using the Forward Enterprise platform to deliver business value. Enterprise IT teams around the world are frustratingly familiar with the process of vendor contract reconciliation, the annual process of ensuring that the support contracts for devices in the network are accurate.

There are almost 165,000 known CVEs (Common Vulnerabilities and Exposures) listed in the NIST Database. In October of 2020, the NSA published a list of the 25 CVEs most likely to be exploited by Nation-State attackers in China; Checkpoint software found over 3 million attempts to penetrate networks or steal files using these known vulnerabilities.

There’s a lot of upside to becoming an application-centric business. You can increase collaboration, work more effectively with your data, deliver an optimal customer experience, and much more. One major downside, though, is that your network and security operations teams are under intense pressure to provision new applications both quickly and securely.