In December 2021, the Java community was hit by the Log4Shell exploit that showed the vulnerability in one of the most common Java frameworks used on the Internet. Obviously .NET isn't vulnerable to this particular attack, but we think there are important insights that apply to .NET equally well.

In this session, we will drive our analysis using Secure by Design to understand why it is important to consider architecture and design around logging – as it is often overlooked and become a potential attack surface.