Log4J: Tales from The Trenches: The State of Log4J Remediation

The announcement of Log4j vulnerability sent security and development teams into a tailspin — not once, but multiple times. Throughout it all, WhiteSource has been providing tools for discovery and automated remediation, and working closely with our customers.

Join our experts to learn what has been going on, such as:

  • What percentage of organizations were affected?

  • How common were Log4j transitive dependencies compared to direct dependencies?

  • How quickly were the best performing organizations able to find and fix Log4j vulnerabilities?

  • What best practices can help an organization get through an exercise such as this quickly and easily?

  • What factors cause some organizations to struggle more than others?

  • What percentage of Maven packages are still vulnerable and still being downloaded?

We will also demonstrate how to use the two free discovery and remediation tools that WhiteSource has provided.