If you’re a Java developer or you use tools that are written in Java, you are likely familiar with the Log4Shell vulnerabilities of 2021. Due to the high CVE score and the widespread use of the dependency, virtually every IT company had to update some part of their stack to remediate the vulnerability.

During this talk, we’ll discuss how automation helped us in quickly and safely updating our Log4J dependencies. We’ll discuss how the automation works and how you can get started yourself! During the live demo, we’ll showcase the update process of a vulnerable component from making the required code changes all the way to deployment in production. Finally, some key takeaways will be shared on how to adopt this solution in your organisation.

Slides: https://www.slideshare.net/PieterVincken/join-2022-patching-3rd-party-software-like-a-boss
Talk JOIN 2022: https://youtu.be/fAEbRmD4-G0