Log4j Vulnerability: What You Can Do Now



The most serious of vulnerabilities was just found in the most used logging framework, but DevSecOps teams can quickly identify what’s impacted and where they focus their time. It’s important for software teams to future proof their code and continually look for these types of flaws, as well as defenses that let software adapt itself to an evolving threat landscape. Historical defense techniques like Web Application Firewalls (WAFs) are inc​​apable of addressing vulnerabilities like this because the data doesn’t just come from web input and isn’t visible with signatures.

 

Learn how only Contrast’s embedded approach allows you to:

  • scale to find what apps have vulnerable versions of Log4j
  • find which apps have the vulnerability (and others like it) 
  • most urgently, stop attacks against it, today, without waiting for a patch or WAF signature
  • most importantly, future proof your code and protect against the many zero-days to come

Erik Costlow is a software security expert with extensive Java experience. He manages developer relations for Contrast Security, weaving sensors into applications, giving them the ability to detect security threats based on how the application uses its data. Erik was the principal product manager in Oracle focused on security of Java 8, joining at the height of hacks and departing after a two-year absence of zero-day vulnerabilities.

Speaker and Presenter Information

Erik Costlow
Developer Relations, Contrast Security

Relevant Government Agencies

Air Force, Army, Navy & Marine Corps, Intelligence Agencies, DOD & Military, Office of the President (includes OMB), Dept of Agriculture, Dept of Commerce, Dept of Education, Dept of Energy, Dept of Health & Human Services, Dept of Homeland Security, Dept of Housing & Urban Development, Dept of the Interior, Dept of Justice, Dept of Labor, Dept of State, Dept of Transportation, Dept of Treasury, Dept of Veterans Affairs, EPA, GSA, USPS, SSA, NASA, Other Federal Agencies, Legislative Agencies (GAO, GPO, LOC, etc.), Judicial Branch Agencies, State Government, County Government, City Government, Municipal Government, CIA, FEMA, Office of Personnel Management, Coast Guard, National Institutes of Health, FAA, Census Bureau, USAID, National Guard Association, EEOC, Federal Government, State & Local Government, FDA, Foreign Governments/Agencies, NSA, FCC

Members who viewed this event also viewed:


Event Type
Webcast


This event has no exhibitor/sponsor opportunities


When
Fri, Jan 14, 2022, 2:00pm - 2:30pm ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
ATARC


Contact Event Organizer


Join the event conversation:
@ATARC


Return to search results