Speaker

Paul Novarese

Solutions Engineer, Hunted Labs

Memphis, Tennessee, United States

Paul Novarese is a Principal Solutions Engineer with Hunted Labs. He has been working in open source software for over 25 years, specializing in enterprise infrastructure/operations, security and containers. Recently, he has been studying the industry response to Log4Shell, particularly examining how application developers, security teams and DevOps practitioners in the trenches responded, looking for what worked and what didn’t.

Area of Expertise

  • Information & Communications Technology

Topics

  • SBOM
  • Software Supply Chain
  • InfoSec
  • DevOps
  • DevSecOps

The Lessons of Log4Shell: Preparing for the Next Zero-Day

Think back to December 2021, when Log4Shell was disclosed. How long did the chaos last? What did the response cost your organization?

Attackers are evolving. Attacks through the software supply chain, with Log4Shell as the defining example, are ascendant. This trend is driven by the explosive growth of open source software combined with pure economic incentives. Modern software now sits on top of a massive iceberg of other people's code, code that is often completely unexamined. The next zero-day incident is already lying dormant somewhere in your software.

The security practices of the 20th century can't keep up. The traditional SCA-based response to Log4Shell required slow, expensive rescanning of all existing deployed software just to discover whether, and where, log4j existed in production environments. No remediation effort could even start until that lengthy process finished. A new approach is needed, and the Software Bill of Materials is the key to this next generation of software inspection.

The havoc that will ensue from the next Log4Shell-like zero-day event can be considerably reduced with proactive measures that can be added to existing software development workflows without disrupting them. The emergence of the SBOM is giving software producers deep visibility into their software and is allowing them to evaluate that software much more rapidly than before. Complete visibility into your software means better decisions, driving down both the duration and the frequency of incidents.

In this presentation, we will learn about SBOMs, explore how they’re generated and see how to get the most out of them. Attendees will learn about the usefulness of SBOMs both for responding to zero-day situations like Log4Shell and for more run-of-the-mill vulnerability scanning (increasing both speed and accuracy). We will tie it all together with strategies to automate creation and evaluation in software pipelines, increasing overall software supply chain security (detecting problems sooner and fixing problems faster with fewer production disruptions).
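To make concrete the point above about answering "where does log4j exist, and which copies are vulnerable" from an SBOM instead of rescanning every deployed artifact, here is an added example that is not part of the session or of any Hunted Labs tool. It parses a hand-constructed CycloneDX-shaped JSON SBOM (the application name, components and nested fat jar are invented for the example) and triages every log4j-core component against the published affected range for CVE-2021-44228 (2.0-beta9 through 2.14.1, excluding the backported fix releases 2.3.1 and 2.12.2, per the Apache Log4j advisory). The rule is hard-coded here only for illustration; a pipeline would pull ranges from an advisory feed. Note the two caveats the code is built around: CycloneDX records libraries bundled inside another artifact as nested components, so a flat scan of the top level would miss a shaded copy, and a component whose version the SBOM generator could not determine must be surfaced for manual review rather than silently treated as clean.

```python
"""Triage a CycloneDX SBOM for Log4Shell (CVE-2021-44228) without rescanning artifacts.

Added example, not code from the talk or from Hunted Labs. The SBOM below is a
hand-constructed CycloneDX 1.4-shaped document; the version rule is transcribed
from the Apache Log4j advisory and would come from an advisory feed in practice.
"""
import json
import re

# Constructed sample SBOM (invented application and components). The nested
# "components" list on report-engine-all is how CycloneDX records libraries
# bundled inside another artifact, e.g. a shaded/uber jar.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.4",
    "metadata": {"component": {"type": "application", "name": "orders-service", "version": "3.2.0"}},
    "components": [
        {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core",
         "version": "2.14.1", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.14.1"},
        {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-api",
         "version": "2.14.1", "purl": "pkg:maven/org.apache.logging.log4j/log4j-api@2.14.1"},
        {"type": "library", "group": "log4j", "name": "log4j",
         "version": "1.2.17", "purl": "pkg:maven/log4j/log4j@1.2.17"},
        {"type": "library", "group": "com.example", "name": "report-engine-all", "version": "5.1",
         "purl": "pkg:maven/com.example/report-engine-all@5.1",
         "components": [
             {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core",
              "version": "2.12.1", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.12.1"},
             # Generator could not determine the version of this bundled copy.
             {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core",
              "purl": "pkg:maven/org.apache.logging.log4j/log4j-core"},
         ]},
        {"type": "library", "group": "org.apache.logging.log4j", "name": "log4j-core",
         "version": "2.17.1", "purl": "pkg:maven/org.apache.logging.log4j/log4j-core@2.17.1"},
    ],
})

# Affected range for CVE-2021-44228 as published by Apache: the JNDI lookup lives
# in log4j-core (log4j-api alone and log4j 1.x are not in scope of this CVE).
LOG4SHELL_RULE = {
    "id": "CVE-2021-44228",
    "group": "org.apache.logging.log4j",
    "name": "log4j-core",
    "introduced": "2.0-beta9",
    "last_affected": "2.14.1",
    "fixed_backports": {"2.3.1", "2.12.2"},  # inside the numeric range but patched
}

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)(?:\.(\d+))?(?:-([A-Za-z]+)(\d*))?$")


def parse_version(v):
    """Turn '2.0-beta9' / '2.14.1' into a sortable tuple; pre-releases sort before finals."""
    m = _VERSION_RE.match(v) if isinstance(v, str) else None
    if not m:
        raise ValueError(f"unrecognised log4j version: {v!r}")
    major, minor, patch, pre_tag, pre_num = m.groups()
    pre = (0, pre_tag.lower(), int(pre_num or 0)) if pre_tag else (1, "", 0)
    return (int(major), int(minor), int(patch or 0)) + pre


def is_affected(version, rule=LOG4SHELL_RULE):
    """True if the version falls in the advisory's affected range (ValueError if unparseable)."""
    if version in rule["fixed_backports"]:
        return False
    return parse_version(rule["introduced"]) <= parse_version(version) <= parse_version(rule["last_affected"])


def iter_components(components, path=()):
    """Yield (component, parent-name path), descending into nested components."""
    for comp in components:
        yield comp, path
        yield from iter_components(comp.get("components", []), path + (comp.get("name", "?"),))


def triage(sbom_json, rule=LOG4SHELL_RULE):
    """Bucket every matching component into affected / not_affected / unknown, with its location."""
    verdicts = {"affected": [], "not_affected": [], "unknown": []}
    sbom = json.loads(sbom_json)
    for comp, path in iter_components(sbom.get("components", [])):
        if comp.get("group") != rule["group"] or comp.get("name") != rule["name"]:
            continue
        version = comp.get("version")
        record = {"purl": comp.get("purl"), "version": version, "nested_in": "/".join(path) or None}
        try:
            bucket = "affected" if is_affected(version, rule) else "not_affected"
        except ValueError:
            bucket = "unknown"  # surface for manual review; never assume clean
        verdicts[bucket].append(record)
    return verdicts


if __name__ == "__main__":
    for bucket, records in triage(SAMPLE_SBOM).items():
        for r in records:
            print(f"{bucket:13} {r['purl']}  nested_in={r['nested_in']}")
```

Run stand-alone, the script reports the top-level log4j-core 2.14.1 and the 2.12.1 copy bundled inside report-engine-all as affected, 2.17.1 as not affected, and the version-less nested copy as unknown. The same loop, run over SBOMs already stored for every deployed image, is what turns the rescan-everything step in the paragraph above into a query.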

Chattanooga Devopsdays 2023, November 2023, Chattanooga, Tennessee, United States

BSides RDU 2023, September 2023, Raleigh, North Carolina, United States

DevOpsDays DC 2023, September 2023, Washington, D.C., United States
