Next at Chase | Architecture & Engineering
The Log4Shell chronicles, Part 2: Lessons learned
01/01/23 — 9 min read — authored by Haiying Guo and Panna Pavangadkar — After Log4Shell vulnerability exploited a simple logging feature in the open-source library Apache Log4j2, what did we learn from the experience and how do we prevent future vulnerabilities?
The Log4Shell chronicles, Part 1: Holiday frenzy
01/01/23 — 9 min read — authored by Haiying Guo and Panna Pavangadkar — In December 2021, on the eve of one of the busiest shopping and travel seasons of the year, software powering government agencies, health care organizations and banks was suddenly compromised by Log4Shell.