- 14 December, 2021
AllegroGraph Has No Log4j Security Exposure
Franz Inc. has clearly stated that all of its products including: AllegroGraph, Allegro CL, Allegro NFS and Gruff have no exposure to the security vulnerability from Log4j. Franz’s products have never used Log4j, unlike other Java based graph databases and products that are vulnerable to this security exploit.
Apache Log4j is a Java-based logging utility and is part of the Apache Logging Services, a project of the Apache Software Foundation. As reported by Wired News, “A vulnerability in the widely used logging library has become a full-blown security meltdown, affecting digital systems across the internet. Hackers are already attempting to exploit it, but even as fixes emerge, researchers warn that the flaw could have serious repercussions worldwide.”
According to Wired, “The problem lies in Log4j, a ubiquitous, open source Apache logging framework that developers use to keep a record of activity within an application. Security responders are scrambling to patch the bug, which can be easily exploited to take control of vulnerable systems remotely. At the same time, hackers are actively scanning the internet for affected systems. Some have already developed tools that automatically attempt to exploit the bug, as well as worms that can spread independently from one vulnerable system to another under the right conditions.”
“Decades of working with intelligence and government agencies has instilled a ‘security-first approach’ in all of our technology development,” said Dr. Jans Aasman, CEO of Franz, Inc. “This exploit has the potential to affect any type of business or organization. We want to assure all of our customers that their products from Franz are not at risk of exposure from Log4j.”
Born from early architectural influence within national intelligence and defense agencies, AllegroGraph offers the highest level of security available from a graph database. Not only does AllegroGraph not use Log4j, but the product offers unrivaled security via Triple Attributes, which is designed to protect the most sensitive data within the flexible environment of a graph database.