Contact Support Login

What’s Next for Log4j? Tales From the Trenches Panel



The recently discovered flaw in Apache’s Log4j software continues to stress security teams and put many organizations at risk. Because Log4j is very difficult to detect, many scanners may not detect it.

Rezilion researchers conducted a survey using multiple open source and commercial scanning tools and assessed the tools against a dataset of packaged Java files where Log4j was nested and packaged in various formats. While no scanner was able to detect Log4j in all formats initially, several scanner makers were quick to respond and update their technology to find the bug.

In part two of our webinar series on Log4j, Rezilion’s head researcher, Yotam Perkal, welcomes guests from Anchore and Mergebase to discuss their reaction to the Rezilion research, as well as takeaways on what they are seeing now with Log4j, and what they expect the future holds.

Watch this on-demand webinar and you will learn:

• The pressing concerns that continue around Log4j

• What other industry experts think about the future of this vulnerability

• Suggestions and takeaways for protecting your organizations against the Log4j vulnerability

Josh Bressers
Vice President of Security
Anchore

Josh Bressers is the Vice President of Security at Anchore. Josh has helped build and manage product security teams for open source projects as well as several organizations. Everything from managing supply chains, vulnerabilities, security development lifecycle, DevSecOps, security product management, security strategy, and nearly any other task that falls under the security umbrella. Josh co-hosts the Open Source Security Podcast and the Hacker History Podcast. He also is the co-founder of the Global Security Database project to bring vulnerability identification into the modern age.

Julius Musseau
Chief Technology Officer
MergeBase

Julius Musseau (@juliusmusseau) is the CTO and Co-Founder at Mergebase Software Inc., a Vancouver based cyber defense startup focused on securing software supply chains. Julius is an active software engineer and Apache committer with over 15 years experience. Previously Julius maintained back-end payment, messaging, and online banking software for the Canadian credit union sector. Julius is 100% to blame for CVE-2014-3604.

Yotam Perkal
Director Vulnerability Research
Rezilion

Yotam leads the vulnerability research team at Rezilion, focusing on research around vulnerability validation, mitigation, and remediation.
He is passionate about cybersecurity and Machine Learning (ML) and especially intrigued by the intersection between the domains, whether it be using ML in order to help solve cybersecurity challenges or exploring the challenges in securing ML applications.
Prior to Rezilion, Yotam filled several roles at PayPal Security organization, dealing with vulnerability management, threat intelligence, and insider threats.
Additionally, Yotam is also a member of the PyCon Israel organization committee and takes part in several OpenSSF working groups around open-source security.

© 2022 Rezilion. All Rights Reserved.