Case Study: Leading EHR Software Vendor rapidly remediates Log4j with Mend

Electronic Healthcare Record (EHR) Software Vendor Remediates Log4j with Mend

Log4j, a leading provider of electronic healthcare record (EHR) software, faced an urgent security challenge when the CVE-2021-44228 Log4j vulnerability was disclosed and exploits were already being seen in the wild. The company needed to quickly secure a large application environment and identify every instance of the vulnerable library across its codebase.

Mend had been selected earlier as the company’s Software Composition Analysis (SCA) solution, and it enabled full scanning across every code branch and application. With Mend and an internal application inventory, the vendor identified impacted Java touchpoints with greater than 98% certainty, notified owners, and patched production systems across the organization within hours, completing remediation in under 12 hours.

Log4j