Forum Discussion
Apache Log4j Detection Optimizations Summary: While the...
That is our standard requirement, but after customer feedback and consideration for the prevalence of Apache Log4j files, it was decided to make an exception and to no longer require thorough tests. Additionally, customers were omitting thorough tests in subsequent scans, which was causing the vulnerability to appear remediated in T.io and T.sc. Also, customers did not want other plugins that use thorough tests to be run.
We are considering re-introducing the thorough tests requirement in the future but not at this time.
The thorough tests requirement was removed December 22 as mentioned in this Release Highlight: https://community.tenable.com/s/feed/0D53a00008FRFabCAH
Please contact technical support to show your support for getting thorough tests back in place.
There are trade-offs with using dir/findstr vs PowerShell, but the plugin was updated to no longer use 'dir' and 'findstr', since this can potentially use more resources, and using PowerShell for the file system scan, while potentially slower, uses fewer resources.
Also, the plugin has been updated to slow down the Java archive inspection in PowerShell before explicitly closing handles. This should assist with the garbage collection and result in considerably less resource usage.
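
To illustrate the approach described in the post above (a PowerShell file system walk, with a pause and an explicit handle close after each Java archive), here is an added sketch; it is not the plugin's code and not part of the original post. The function name, the scan root, the pause length and the choice of `JndiLookup.class` as the entry that marks a log4j-core archive are all assumptions made for the example.

```powershell
# Added illustration; not the Tenable plugin's code.
# Assumptions: function name, default root, pause length, and the marker entry.
Add-Type -AssemblyName System.IO.Compression.FileSystem

function Find-Log4jCoreArchive {
    param(
        [string]$Root = 'C:\',   # assumed scan root
        [int]$PauseMs = 50       # assumed throttle between archives
    )

    # Class file that ships inside log4j-core 2.x archives (assumed marker).
    $marker = 'org/apache/logging/log4j/core/lookup/JndiLookup.class'

    # Walk the file system with PowerShell rather than 'dir' piped to 'findstr'.
    Get-ChildItem -Path $Root -Recurse -File -Include *.jar, *.war, *.ear `
                  -ErrorAction SilentlyContinue |
        ForEach-Object {
            $zip = $null
            try {
                # Only the archive's directory is read; entries are not extracted.
                $zip = [System.IO.Compression.ZipFile]::OpenRead($_.FullName)
                $hit = $false
                foreach ($entry in $zip.Entries) {
                    if ($entry.FullName -eq $marker) { $hit = $true; break }
                }
                if ($hit) {
                    [pscustomobject]@{ Path = $_.FullName; Marker = $marker }
                }
            }
            catch {
                # Locked, unreadable or corrupt archive: report and move on.
                Write-Verbose "Skipped archive: $($_.Exception.Message)"
            }
            finally {
                # Slow the loop down, then release the file handle explicitly
                # instead of leaving it for the garbage collector to finalize.
                Start-Sleep -Milliseconds $PauseMs
                if ($zip) { $zip.Dispose() }
            }
        }
}

# Example call against a constructed path:
# Find-Log4jCoreArchive -Root 'D:\apps' -PauseMs 100 -Verbose
```

This sketch does not look inside archives nested within other archives, so a log4j-core JAR bundled in a WAR or fat JAR would need an additional pass.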