Skip to content

Log4J Vulnerability: What you can do now

ON-DEMAND WEBINAR

The most serious of vulnerabilities was just found in the most used logging framework, but DevSecOps teams can quickly identify what’s impacted and where they focus their time.

It’s important for software teams to future proof their code and continually look for these types of flaws, as well as defenses that let software adapt itself to an evolving threat landscape. Historical defense techniques like Web Application Firewalls (WAFs) are incapable of addressing vulnerabilities like this because the data doesn’t just come from web input and isn’t visible with signatures.

Watch this live discussion "Log4j Vulnerability: What you can do now" to learn how only Contrast’s embedded approach allows you to:

  • Scale to find what apps have vulnerable versions of Log4j
  • Find which apps have the vulnerability (and others like it)
  • Most urgently, stop attacks against it, today, without waiting for a patch or WAF signature
  • Most importantly, future proof your code and protect against the many zero-days to come
Screen Shot 2021-12-16 at 7-11-57 AM-png

Melinda Marks

Senior Analyst, ESG

Senior Analyst Melinda Marks covers application and cloud security at ESG, helping organizations scale safely while adopting faster cloud-native development cycles. Her coverage area includes cloud-native application protection platforms, cloud workload protection, cloud security posture management, DevSecOps, and application security, including web application security testing (SAST, DAST, IAST, SCA) and API security.

larry-png

Larry Maccherone

DevSecOps Transformation, Contrast Security

Larry is a thought leader on DevSecOps. At Comcast, he launched and scaled the DevSecOps Transformation program over five years, and is now at Contrast helping organizations empower development teams to take ownership of security. Larry was a founding Director at Carnegie Mellon's CyLab and co-led the launch of Build-Security-In initiative.

erik costlow-jpeg-1

Erik Costlow

Developer Relations, Contrast Security

Erik Costlow is a software security expert with extensive Java experience. He manages developer relations for Contrast Security, weaving sensors into applications, giving them the ability to detect security threats based on how the application uses its data. Erik was the principal product manager in Oracle focused on security of Java 8, joining at the height of hacks and departing after a two-year absence of zero-day vulnerabilities. 

Watch On-Demand

Resources to help you get secure code moving

white-paper-cover-01

5 WAYS TO ENSURE DEVSECOPS SUCCESS

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

Download White Paper
report-cover-01

2021 APPLICATION SECURITY OBSERVABILITY REPORT

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

Download Report
risk-modern

RISK AND THE MODERN SOFTWARE SUPPLY CHAIN

Lorem ipsum dolor sit amet, consectetur adipisicing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

Read Blog