Java Development in a Post Log4Shell World - Lee Turner

Lee Turner

Our second speaker will be Lee Turner - the Lead Backend Developer at Crunch. Lee will be talking to us about Java Development in a Post Log4Shell World.

As a Java developer you will probably already be aware of, and are probably in the midst of remediating, the vulnerability that has come to be known as Log4Shell. This is the vulnerability which security researchers disclosed on Friday (10 December 2021) for Apache’s Log4j logging framework.

This was one of the most serious vulnerabilities found in the Java ecosystem for a long time - a zero-day, unauthenticated Remote Code Execution (RCE) vulnerability in a library used by a huge number of Java apps. With Oracle reporting over 13 billion devices using Java, that provides a huge number of potential targets.

In this talk we will briefly cover what Log4Shell is and how it can be exploited. We will then discuss what we can do, as developers, to “shift left” and improve the health and security of our code even though security is not always part of a developer’s mindset.

Bio

Lee is the Lead Backend Developer at Crunch.
