Case Study: International Retailer confirms no Log4j compromise and strengthens security posture with Palo Alto Networks Unit 42 Compromise Assessment

An international retailer relies on Unit 42 to identify its Log4j exposure and risk

An international retailer engaged Palo Alto Networks’ Unit 42 after the widespread Log4j remote-code-execution vulnerability was disclosed. Although the retailer had applied patches, it needed authoritative validation for its board, insurers and customers that systems and PII had not been compromised and wanted a focused review of its overall security posture.

Unit 42 conducted a threat‑informed Compromise Assessment—mapping ~4,000 domains and 120 IP blocks, threat hunting via Cortex XDR, and targeted penetration tests—and found no evidence of Log4j-related compromise. The review did surface 2,000+ other issues, including 13 critical external-facing findings, exposed services, and outdated WAF/TLS configurations, producing a remediation roadmap that averted costly disclosures and strengthened the retailer’s security posture.