WhiteSource Launches Free Tool to Detect and Remediate Log4j Vulnerabilities
Developer tool now available on GitHub
TEL AVIV AND BOSTON โ December 15, 2021ย โย WhiteSource, a leader in open source security and management, today launched WhiteSource Log4j Detect, a free command-line interface (CLI) tool to help organizations quickly detect and remediate the Log4j vulnerabilitiesย CVE-2021-44228ย andย CVE-2021-445046.
This free developer tool, which is hosted onย GitHubย and is now available for use, quickly scans projects to find vulnerable Log4j versions and provides the exact path โ both to direct or indirect dependencies โ along with the fixed version for speedy remediation. As a standalone tool, developers can download the utility that matches their platform, run it within the terminal, and run the scan command on the root folder of the project.
โBy offering this free tool to developers and their teams, we aim to help organizations address these vulnerabilities, and mitigate their impact,โ said Rami Sass, co-founder, and CEO of WhiteSource. โItโs important for us to provide security and DevOps teams the tools that they need to address new threats. Adopting a remediation-first approach and baking security automation into development is the best way to proactively address new and emerging risks to todayโs software development organizations.โ
Learn More:ย Get free tools to detect and fix Log4j vulnerabilities at ourย Log4j Vulnerabilityย Resource Center.
About Mend.io
Mend.io is a leading application security solution that helps organizations fix less and reduce risk faster. Built for both AI-driven and modern development workflows, Mend.io gives teams visibility into all code โ human-written, AI-generated, open source, third-party and container components โ and helps them prioritize and remediate the risks that matter most.
