How We Handled the Log4j Security Vulnerability


Lattix Codebase DSM

Log4j is a Java-based logging utility part of the Apache logging services. This is a popular logging tool used in tens of thousands of software packages. Google estimates that 8% of Maven Central Repository was affected with about 7000 artifacts directly dependent on log4j (either a version of log4j-core or log4j-api). Every major software company went into crisis mode, they were trying to figure out how their products could possibly be affected and if so how they were going to patch the vulnerability. Lattix being a Java-based application also needed to scan its codebase.

Read more…