log4j
Safeguard articles tagged "log4j" — guides, analysis, and best practices for software supply chain and application security.
17 articles
Log4j One Year Later: What We Learned and What We Didn't Fix
A year after Log4Shell shook the internet, many organizations still had vulnerable instances. Here's what the anniversary revealed about our industry.
Log4j and the Maintainer Burnout Crisis Nobody Talks About
The Log4Shell vulnerability exposed more than a critical flaw in Java logging. It revealed a systemic failure in how the industry treats the people who maintain critical open source infrastructure.
Detecting Log4Shell in Your Software Supply Chain
Log4j isn't just in your code — it's in your vendors' code, your container base images, and your transitive dependencies. Here's how to find it everywhere.
Log4Shell Impact Assessment and Remediation Guide
You know Log4Shell is bad. Now here's how to find every instance in your environment and fix it — including the edge cases everyone misses.
Log4Shell Vulnerability (CVE-2021-44228) Explained
The most critical vulnerability in a decade dropped on a Friday. Log4Shell affects virtually every Java application and is trivial to exploit. Here's what happened.