Log4Shell prevention rules for AWS, Azure, and GCP added ⚠️

Using a vulnerable version of the Apache Log4j library might enable attackers to exploit a Lookup mechanism that enables remote code execution. We’ve added rules to check that your cloud WAFs have the right signatures in place to prevent Log4j exploits (also known as Log4Shell). We’ve added the following policies: