Log4Shell restrospective
It's been one and a half years: Let look behind the immediate pain of Java's now infamous logging library Log4j — what happened, how, and why it's still relevant.
- How does the vulnerability work and why was it so special?
- Why is it relatively complex to detect and evaluate for both custom and off-the-shelf software?
- How can you monitor exploitation attempts?
- Can we avoid the next one?
- Speaker:
- Philipp Krenn
- Podjetje
- Elastic