October 10, 2022

Next 2022 Log4j Reflections, Software Dependencies and Open Source Security

26 minutes

Guest:

Topics:

Let's talk Open Source Software - are all these dependencies dependable?
Why was log4j such a big thing - at a whole ecosystem level?
Was it actually a Java / Maven problem? Are other languages "better" or more secure?
Is another log4j inevitable? What can organizations to minimise their own risks?

Resources:

Google Cloud Next 2022
Open Source Insights at deps.dev
Blog at blog.deps.dev with posts on Understanding the Impact of Apache Log4j Vulnerability and what happens After the Advisory
Assured Open Source Software service

...more

By Anton Chuvakin

4.8

3939 ratings

October 10, 2022

26 minutes

Guest:

Topics:

Let's talk Open Source Software - are all these dependencies dependable?
Why was log4j such a big thing - at a whole ecosystem level?
Was it actually a Java / Maven problem? Are other languages "better" or more secure?
Is another log4j inevitable? What can organizations to minimise their own risks?

Resources:

Google Cloud Next 2022
Open Source Insights at deps.dev
Blog at blog.deps.dev with posts on Understanding the Impact of Apache Log4j Vulnerability and what happens After the Advisory
Assured Open Source Software service

...more