Sanne has been managing the recent disclosure of the critical vulnerability Log4j, also known as CVE-2021-44228.
Since its disclosure, Sanne’s Information Security team have taken swift and effective action to detect any instance of the vulnerability. We are continuously scanning and assuring the entirety of our technology estate and are prepared to take immediate action, if necessary, to isolate and remediate the risk.
No exploitation of the vulnerability has been discovered in Sanne to date.
With a comprehensive suite of information security controls and tools coupled with a dedicated Security Operations Centre (SOC), Sanne is equipped to protect client data and enterprise systems from this 0-day vulnerability.
The Information Security team remain in close contact with all vendors to ensure available patches for proprietary software are deployed immediately to protect our systems. We are also engaging with national governments and industry partners to share real-time threat intelligence and best practice.
Sanne will continue to manage the situation closely and proactively take all necessary actions to secure your data.
Please do not hesitate to contact your Client Relationship Manager should you require any further information.