Log4Shell Vulnerability Solutions Forum 2022

  • Scheduled to Air Friday, 18 Feb 2022 9:00AM EST (18 Feb 2022 14:00 UTC)
  • Speaker: Jake Williams

In the months since the Log4Shell vulnerability rocked the Internet, there have been numerous lessons learned. While there's no doubt that defenders will be dealing with vulnerable applications (while pen testers and threat actors target them) for years to come, we can begin implementing lessons immediately. There's little doubt that sooner or later there will be another vulnerability of this magnitude in a widely used library like log4j. Those who have acted to deploy appropriate solutions will no doubt benefit from their diligence and forward thinking. But simultaneously, they'll also be addressing the multitude of log4j vulnerabilities that were inevitably not disclosed by vendors and missed in vulnerability scanning.

Join us to discuss how solutions such as these can set you up for success:

  • Software Composition Analysis (SCA) tools
  • Threat intelligence for early warning and situational awareness
  • Network segmentation to limit the blast radius of a successful exploitation
  • API protection and web application security to identify, understand and block attacks that target exposed endpoints
  • Zero Trust Networking to limit exploitation vectors
  • Vulnerability management solutions to scan for vulnerable applications
  • Network Detection and Response (NDR) to identify exploitation and post-exploitation activity