• Home
  • Newsroom
  • WhiteSource Launches Free Tool to Detect and Remediate Log4j Vulnerabilities

WhiteSource Launches Free Tool to Detect and Remediate Log4j Vulnerabilities

Developer tool now available on GitHub

TEL AVIV AND BOSTON – December 15, 2021 – WhiteSource, a leader in open source security and management, today launched WhiteSource Log4j Detect, a free command-line interface (CLI) tool to help organizations quickly detect and remediate the Log4j vulnerabilities CVE-2021-44228 and CVE-2021-445046

This free developer tool, which is hosted on GitHub and is now available for use, quickly scans projects to find vulnerable Log4j versions and provides the exact path — both to direct or indirect dependencies — along with the fixed version for speedy remediation. As a standalone tool, developers can download the utility that matches their platform, run it within the terminal, and run the scan command on the root folder of the project. 

“By offering this free tool to developers and their teams, we aim to help organizations address these vulnerabilities, and mitigate their impact,” said Rami Sass, co-founder, and CEO of WhiteSource. “It’s important for us to provide security and DevOps teams the tools that they need to address new threats. Adopting a remediation-first approach and baking security automation into development is the best way to proactively address new and emerging risks to today’s software development organizations.”

On Monday, December 20, 2021, at 11 am EST, WhiteSource security experts will be hosting a live webinar to discuss the risk and exploitability of this vulnerability, as well as best practices to deal with similar vulnerabilities in the future. To register, click here.

About WhiteSource

WhiteSource helps organizations accelerate‌ the development of secure software ‌at‌ ‌scale‌. We provide automated tools that help bridge the security knowledge gap, integrating easily into the software development life cycle and going beyond detection with a remediation-first approach. WhiteSource is built on the most comprehensive vulnerability database in the industry, providing the widest coverage for threats and attack vectors. Our solution helps enterprises like Microsoft, IBM, Comcast, Philips, and many more reduce security risk and increase the productivity of their security and development teams. For more information, visit www.whitesourcesoftware.com.

###

Contact Details: 

Shanie Weissman

Global Communications Manager, WhiteSource

shanie.weissman@whitesourcesoftware.com

Learn More: Get free tools to detect and fix Log4j vulnerabilities at our Log4j Vulnerability Resource Center.

Meet The Author

Adam Murray

Adam Murray is a content writer at WhiteSource. He began his career in corporate communications and PR, in London and New York, before moving to Tel Aviv. He’s spent the last ten years working with tech companies like Amdocs, Gilat Satellite Systems, Allot Communications, and Sisense. He holds a Ph.D. in English Literature. When he’s not spending time with his wife and son, he’s preoccupied with his beloved football team, Tottenham Hotspur.

Subscribe to Our Blog