You should take 6 minutes to learn about the recently announced Apache Log4j 2 vulnerability (especially if these things are unfamiliar to you) including immediate action items like checking in on your public cloud assets, the role of the MITRE corporation in maintaining the official list of CVEs, the very prosaic urgency of patching for announced vulnerabilities, and the 2017 Equifax data breach as an example of why this patching can be imminently important.

Correction: I snuck an extra "s" onto the end of Log4j erroneously on a couple occasions in the video.

свернуть