What is Spring4Shell & Why Should I Care?

Presented by

Ax Sharma

About this talk

Did Spring4Shell set the internet on fire again? Not so fast. In a special episode of Wicked Good Development we dissect the zero-day RCE vulnerability in the Spring Framework dubbed Spring4Shell or Springshell. From comparisons to Log4j to how to remediate it and what versions on vulnerable, the experts on today's show break down what we know so far about this new vulnerability. And most importantly, how to determine if you're effected.

Related topics:

More from this channel

Upcoming talks (1)
On-demand talks (5)
Subscribers (490)
Sonatype is the software supply chain management company. We empower developers and security professionals with intelligent tools to innovate more securely at scale. Our platform addresses every element of an organization’s entire software development life cycle, including third-party open source code, first-party source code, infrastructure as code, and containerized code. Sonatype identifies critical security vulnerabilities and code quality issues and reports results directly to developers when they can most effectively fix them. This helps organizations develop consistently high-quality, secure software which fully meets their business needs and those of their end-customers and partners. More than 2,000 organizations, including 70% of the Fortune 100, and 15 million software developers already rely on our tools and guidance to help them deliver and maintain exceptional and secure software.