Log4Shell and SpringShell are just the vulnerabilities that managed to get everybody’s attention, but vulnerabilities that can be as harmful as them are also being discovered. This presentation will provide more information about the existing threats and where to stay informed about them and hint at a couple of tools that can help you keep your code base on products more secure.

In the first part extract of the data that gathered daily regarding threats and explain what are the top vulnerabilities you need to be aware of.

In the second part a couple of tools that will allow you to automate the securing of your source code and supply chain will be presented.

Even if there are two years since the two vulnerabilities were discovered they are still as present as ever.