Log4j Remediation Rules Now Available for WhiteSource Renovate and Enterprise

WhiteSource Launches Free Developer Tool to Detect and Remediate Spring4Shell Vulnerability

The Software Composition Analysis leader now offers a remediation preset for WhiteSource Renovate and Enterprise, enabling users to identify and fix the Log4j vulnerability from hundreds of downstream dependent packages of Log4j

WhiteSource, a leader in open source security and management, today announced that a Log4j remediation preset is now included in both its commercial product and free GitHub developer tool. This preset allows enterprises to find and automatically fix both direct and indirect Log4j dependencies, which is something that no other security vendor is currently providing. In addition, a new online resource center has been made available by the company, to provide Log4j remediation and secure coding best practices.

Marketing Technology News: MarTech Interview with Nick Mattingly, Co-Founder and CEO at Switcher Studio

Since the Log4Shell vulnerability was first published by the national vulnerability database (NVD) on Dec 12th, 2021, two additional vulnerabilities were found in the popular Java logging framework, Log4j. Our research shows that Log4j has been used in over 52% of applications used across top 2000 organizations in the software development industry.

While additional vulnerabilities may still be found, the new versions of Log4j resolve all known vulnerabilities. However, many packages in the Maven and Gradle ecosystems use Log4j, so remediating it requires more than just upgrading Log4j in direct dependencies — it may also require upgrading multiple indirect dependencies. The new remediation preset by WhiteSource helps to address the challenge faced by security teams in updating indirect (transitive) dependencies.

“As news of new Log4j exploits emerge daily, it’s crucial for developers using Log4j to quickly and proactively update Log4j to a secure version,” said Rhys Arkins, Director of Product Management at WhiteSource. “WhiteSource Renovate combined with Merge Confidence helps developers support that strategy.”

Marketing Technology News: MarTech Interview with Nick Mattingly, Co-Founder and CEO at Switcher Studio

Picture of PRNewswire

PRNewswire

PR Newswire, a Cision company, is the premier global provider of multimedia platforms and distribution that marketers, corporate communicators, sustainability officers, public affairs and investor relations officers leverage to engage key audiences. Having pioneered the commercial news distribution industry over 60 years ago, PR Newswire today provides end-to- end solutions to produce, optimize and target content -- and then distribute and measure results. Combining the world's largest multi-channel, multi-cultural content distribution and optimization network with comprehensive workflow tools and platforms, PR Newswire powers the stories of organizations around the world. PR Newswire serves tens of thousands of clients from offices in the Americas, Europe, Middle East, Africa and Asia-Pacific regions.

You Might Also Like