A tiny articles to show that I implemented a Log4J scanner into XDR as a script you can run.
XDR is not a vulnerability management tool, even do host-insight offers some kind of list of vulnerabilities.
I used the original code created by the CERT/CC : https://www.kb.cert.org/vuls/id/930724
Here is a sample result of the script while it’s running at a customer.
source code of the XDR script can be found here : https://github.com/k4nfr3/XDR_scripts/blob/main/xdr_log4j.py1