topic Java Deserialization exploit preventions are covered in which module of exploit protection in cortex xdr? in Cortex XDR Discussions https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/java-deserialization-exploit-preventions-are-covered-in-which/m-p/453550#M1378 <P>Hello all,</P><P>&nbsp;</P><P>Need information regarding Java Deserialization exploit protection in cortex XDR.</P><P>&nbsp;</P><P>Java Deserialization exploit preventions are covered in which module of exploit protection in cortex xdr?</P><P>&nbsp;</P><P>Thanks in advance.</P><P><LI-PRODUCT title="Cortex XDR" id="Cortex_XDR"></LI-PRODUCT>&nbsp;</P> Thu, 16 Dec 2021 06:34:13 GMT tejasp04 2021-12-16T06:34:13Z Java Deserialization exploit preventions are covered in which module of exploit protection in cortex xdr? https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/java-deserialization-exploit-preventions-are-covered-in-which/m-p/453550#M1378 <P>Hello all,</P><P>&nbsp;</P><P>Need information regarding Java Deserialization exploit protection in cortex XDR.</P><P>&nbsp;</P><P>Java Deserialization exploit preventions are covered in which module of exploit protection in cortex xdr?</P><P>&nbsp;</P><P>Thanks in advance.</P><P><LI-PRODUCT title="Cortex XDR" id="Cortex_XDR"></LI-PRODUCT>&nbsp;</P> Thu, 16 Dec 2021 06:34:13 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/java-deserialization-exploit-preventions-are-covered-in-which/m-p/453550#M1378 tejasp04 2021-12-16T06:34:13Z Re: Java Deserialization exploit preventions are covered in which module of exploit protection in cortex xdr? https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/java-deserialization-exploit-preventions-are-covered-in-which/m-p/453560#M1381 <P><SPAN>If you referring about Log4J exploit. Below are the details.</SPAN></P><P>&nbsp;</P><P><A href="https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/" target="_blank">https://unit42.paloaltonetworks.com/apache-log4j-vulnerability-cve-2021-44228/</A></P><P><SPAN><A href="https://www.paloaltonetworks.com/blog/security-operations/hunting-for-log4j-cve-20210-44228-log4shell-exploit-activity/" target="_blank">https://www.paloaltonetworks.com/blog/security-operations/hunting-for-log4j-cve-20210-44228-log4shell-exploit-activity/</A></SPAN></P><P>&nbsp;</P><P>&nbsp;</P><P><SPAN>The exploit attempt will be blocked by the Java Deserialization Exploit protection module which is automatically activated when you enable Known Vulnerable Processes Protection in the Linux Exploit Security profile. We highly recommend making sure the Known Vulnerable Processes Protection module is set to block (which is the default configuration). Once the module is set to block (which is the default configuration) Cortex XDR agent will block this activity and raise a Suspicious Input Deserialization alert.</SPAN></P><P>&nbsp;</P><P>&nbsp;</P> Thu, 16 Dec 2021 07:10:18 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/java-deserialization-exploit-preventions-are-covered-in-which/m-p/453560#M1381 jcandelaria 2021-12-16T07:10:18Z Re: Java Deserialization exploit preventions are covered in which module of exploit protection in cortex xdr? https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/java-deserialization-exploit-preventions-are-covered-in-which/m-p/453563#M1382 <P>Thanks for reponse.</P> Thu, 16 Dec 2021 07:16:10 GMT https://live.paloaltonetworks.com/t5/cortex-xdr-discussions/java-deserialization-exploit-preventions-are-covered-in-which/m-p/453563#M1382 tejasp04 2021-12-16T07:16:10Z