Maybe most of you already mitigated critical log4shell issue by using Logpresso scanner.
However it's not end of the game. You should receive patch from vendor and apply patch or upgrade vulnerable software. In worst case new software installation might have old log4j vulnerabilities.
Logpresso Watch collects vulnerability report from Logpresso scanner and visualize Log4j risk overview.
How it works
After signup with Google ID use log4j2-scan with
--api-key switch for Logpresso Watch integration.
If you control outbound internet access from server farm you may use HTTPS proxy for it.
If your organization's security policy does not allow any outbound access contact firstname.lastname@example.org for on-premise version.
Why should I choose Logpresso?
Logpresso scanner is most widely used scanner for log4shell issues.
It also recommended by several security advisories from global vendors including.