Log4J Tales From the Trenches_ The State of Log4J Remediation

Presented by

Rhys Arkins Director Product Management & Tsaela Pinto Director of Software Engineering at WhiteSource

About this talk

The announcement of Log4j vulnerability sent security and development teams into a tailspin — not once, but multiple times. Throughout it all, WhiteSource has been providing tools for discovery and automated remediation, and working closely with our customers. Join our experts to learn what has been going on, such as: What percentage of organizations were affected? How common were Log4j transitive dependencies compared to direct dependencies? How quickly were the best performing organizations able to find and fix Log4j vulnerabilities? What best practices can help an organization get through an exercise such as this quickly and easily? What factors cause some organizations to struggle more than others? What percentage of Maven packages are still vulnerable and still being downloaded? We will also demonstrate how to use the two free discovery and remediation tools that WhiteSource has provided.

Related topics:

More from this channel

Upcoming talks (0)
On-demand talks (174)
Subscribers (14728)
Mend, formerly known as WhiteSource, effortlessly secures what developers create. Mend uniquely removes the burden of application security, allowing development teams to deliver quality, secure code, faster. With a proven track record of successfully meeting complex and large-scale application security needs, the world’s most demanding software developers rely on Mend. The company has more than 1,000 customers, including 25 percent of the Fortune 100, and manages Renovate, link here, the open-source automated dependency update project. For more information, visit www.mend.io, the Mend blog, and Mend on LinkedIn and Twitter.