Apache Log4j の脆弱性に関するご報告 2021.12.20更新





当社では製品ポートフォリオに対する継続的な評価に加えて、強化された監視やソフトウェアの更新/パッチなど、リスクを軽減するための実質的な対策を講じております。また、Log4jの脆弱性に関する新しい情報について、Cyber​​security and Infrastructure SecurityAgencyやその他のいくつかのインテリジェンスソースから提供される情報を注視しております。当社は引き続きサードパーティのサプライヤーおよびパートナーと緊密に協力して、該当する事象があれば修復およびパッチ等による対応について状況を説明致します。







Dear Valued Customer: 

At this time, we have detected no incidents as a result of Log4j2.  As part of our ongoing due diligence pertaining to the Log4j incident, we continue to work across the organization to remediate any vulnerable instances of Log4j2 within the Ceridian environment.  We continue to monitor and upon becoming aware of any impact to Ceridian services from this incident, Ceridian will contact the affected customers. 

In addition to ongoing assessment of our product portfolios, we have applied substantial countermeasures to mitigate risk, including enhanced monitoring and software updates/patches. We are also actively monitoring information provided by the Cybersecurity and Infrastructure Security Agency, and several other intelligence sources, for new information on the Log4j vulnerability. We continue to work closely with our third-party suppliers and partners to account for their statuses, including remediation and patching activities as applicable. 

The security of our products and services is a top priority to Ceridian and critical to our ongoing commitment of trust and transparency with our customers. We will continue to respond quickly and take all actions necessary to protect our customers. This includes our enterprise-wide, tested and audited, response plan designed to ensure Ceridian can respond quickly to limit any customer impact should the need arise. 

Key updates will also be shared on our website.






Powered by Zendesk