Looking behind the immediate pain of Java's now infamous logging library Log4j:
* How does the vulnerability work?
* Why is it comparatively complex to detect and measure both for customized and off the shelf software?
* How can you monitor exploitation attempts?
Website: https://jdd.org.pl
Facebook: https://www.facebook.com/JDDconf
Twitter: https://twitter.com/JDD_Krakow