Log4j2

Cybernews Interview with Deepfence

Editor’s note: This interview was originally published on Cybernews and has been crossposted here to share with the Deepfence community. Catching vulnerable components in the software development and building process helps to ensure that applications are as secure as possible

By: Owen Garrett |News| Posted On: March 17, 2022

How to Detect and Defeat the Log4j2 Vulnerability with Deepfence

Introduction to log4j2 mitigation The log4j2 vulnerability like the OpenSSL Heartbleed and Apache Struts vulnerabilities that came before it are poignant reminders to digital businesses that it’s not just enough to respond to a vulnerability by redeploying applications once a

By: Owen Garrett |Security observabilityVulnerability Management| Posted On: January 10, 2022

CVE-2021-44228: Log4j2 Exploitability & Attack Path Mitigation with ThreatMapper

Quick Overview The gravest cyber threat of modern times is upon us in the form of CVE-2021-44228. Here are some key resources: CVE-2021-44228: Apache Log4j <=2.14.1 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints.Severity:

By: Sandeep Lahane |Security observabilityVulnerability Management| Posted On: December 12, 2021