Log4j Vulnerability Resource Center


All You Need to Know About Log4j

Recent Log4j vulnerabilities, starting with CVE-2021-44228 published on December 10, have sent security and development teams into a tailspin.

This critical issue and the chaos that followed bring to the forefront the biggest challenges organizations face when addressing open source risks.

This new resource center includes all Log4j news and updates, actionable remediation advice, and links to automated tools that can help you find and fix Log4j security vulnerabilities early in development.

Free Remediation Tool



A free remediation solution which enables users to easily remediate Log4j vulnerability from hundreds of downstream dependent packages of Log4j.



Facing the Log4j Vulnerability Head On – The Risk and the Fix

In these webinars, our security experts will tell you all about the risk, the exploitability and the technical details around this vulnerability. In addition, we will review the best practices and processes you need to put in place to deal with such vulnerabilities in the future.

Our Latest Log4j Blog Posts

Free Detection Tool




A free CLI tool that quickly scans your projects to find vulnerable Log4j versions and provides the exact path — both to direct or indirect dependencies, along with the fixed version for speedy remediation.

How Mend.io Customers Handled Log4j

Electronic Healthcare Record (EHR) Software Vendor Remediates Log4j with Mend

CAE Uses Mend to Secure Applications from the Log4j Threat

Research Info about Log4j CVEs

In the Media