From 95e34c2637f4092f153ed9c71c70ecbd1d40640a Mon Sep 17 00:00:00 2001
From: justmurphy <96064251+justmurphy@users.noreply.github.com>
Date: Wed, 29 Dec 2021 16:18:03 -0500
Subject: [PATCH] Update CISA rec guidance

---
 README.md | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/README.md b/README.md
index f2ad884..d338bed 100644
--- a/README.md
+++ b/README.md
@@ -3,10 +3,10 @@
 This repository provides
 [CISA's guidance](https://www.cisa.gov/uscert/apache-log4j-vulnerability-guidance)
 and an overview of related software regarding the Log4j vulnerability
-(CVE-2021-44228). CISA urges users and administrators to review the
-[official Apache release](https://logging.apache.org/log4j/2.x/security.html)
-for updates and mitigation guidance, and upgrade to Log4j 2.17.1 (Java 8), 2.12.4
-(Java 7) and 2.3.2 (Java 6).
+(CVE-2021-44228). CISA urges users and administrators to upgrade to Log4j 2.17.1
+(Java 8), 2.12.4 (Java 7) and 2.3.2 (Java 6), and review and monitor the
+[Apache Log4j Security Vulnerabilities webpage](https://logging.apache.org/log4j/2.x/security.html)
+for updates and mitigation guidance.
 
 The information in this repository is provided "as is" for informational
 purposes only and is being assembled and updated by CISA through
@@ -35,7 +35,7 @@ or imply their endorsement, recommendation, or favoring by CISA.
 
 National Vulnerability Database (NVD) Information: [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228)
 
-## Mitigation Guidance ##
+## CISA Mitigation Guidance ##
 
 When updates are available, agencies must update software
 using Log4j to the newest version, which is the most