Our second speaker will be Lee Turner - the Lead Backend Developer at Crunch. Lee will be talking to us about Java Development in a Post Log4Shell World
As a Java developer you will probably already be aware of, and are probably in the midst of remediating, the vulnerability that has come to be known as Log4Shell. This is the vulnerability which security researchers disclosed on Friday (10 December 2021) for Apache’s Log4j logging framework.
This was one of the most serious vulnerabilities found in the java ecosystem for a long time - a zero day, unauthenticated Remote Code Execution (RCE) vulnerability in a library used by a huge number of java apps. With Oracle reporting over 13 billion devices using java, that provides a huge number of potential targets.
In this talk we will briefly cover what Log4Shell is and how it can be exploited. We will then discuss what we can do, as developers, to “shift left” and improve the health and security of our code even though security is not always part of a developer’s mindset.
Lee is the Lead Backend Developer at Crunch
Connect with Lee: