The Software Supply Chain Risks You Need to Know

Code that an organization’s developers create is only the beginning of modern software development. In fact, first-party code is likely to be only a small portion of an application – sometimes as little as 10% of the application’s artifact ecosystem. An enterprise’s software supply chain is made of many parts, accumulated from many sources: open …

Log4Shell Vulnerability Explained

Log4j Log4Shell 0-Day Vulnerability: All You Need To Know

On Thursday, Dec 9th 2021, a researcher from the Alibaba Cloud Security Team dropped a zero-day remote code execution exploit on Twitter, targeting the extremely popular Log4j logging framework for Java (specifically, the 2.x branch called Log4j2). The vulnerability was originally discovered and reported to Apache by the Alibaba Cloud Security Team on November 24th. …