Stellar Cyber: Log4j Vulnerability and Exploitation Detection

This page summarizes the projects mentioned and recommended in the original post on reddit.com/r/u_stellarcyber
#Logging #Apache #API #Java #Library

Our great sponsors
  • Scout APM - Less time debugging, more time building
  • SonarQube - Static code analysis for 29 languages.
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • Apache Log4j 2

    Apache Log4j 2 is an upgrade to Log4j that provides significant improvements over its predecessor, Log4j 1.x, and provides many of the improvements available in Logback while fixing some inherent problems in Logback's architecture.

    Finally, eight years later on November 30, 2021, the Log4j team was made aware of the remote code execution vulnerability as a result of the combination of log interpolation with JNDI lookup. One week later, nearly everyone in the security community and IT industry got informed and started to panic one way or another.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts