Tag: log4j

What the New OWASP Top 10 Changes Mean to Devs
The Open Web Application Security Project (OWASP) recently updated its top 10 list of the most critical security risks to web applications after four years. It represents the most radical shake-up since ...

4 Reasons Software Developers Need a Bill of Materials
The recent Log4j/Log4Shell vulnerability was a wake-up call that threats aren’t going to wait until the industry gets up to speed on software supply chain security. While the Log4j open source component ...

How to Mitigate Software Supply Chain Risks
As new vulnerabilities are discovered on a daily basis, DevOps teams must integrate security into the early stages of the development lifecycle and be vigilant about what elements are incorporated into their ...

How Log4j Becomes a Serious DevOps Problem
The recent discovery of the Apache Log4j vulnerability has wide-ranging implications for anyone who develops software, especially for those in the DevOps realm. What’s most troubling about the vulnerability (CVE-2021-44228) is how ...

Log4j: It’s All About the Supply Chain, Baby!
In 2021, the security story in DevOps and DevSecOps has been the supply chain. So, it’s only fitting that we are currently experiencing the mother of all supply chain issues with the ...

U.S. Govt. CX EO | Mozilla Revenue | Log4j Latest
In this week’s The Long View: Improving U.S. government CX, how much money Mozilla makes, and the latest on the Log4j/Log4Shell débâcle ...