Log4j alarm: this is what Trend Micro recommends
As an immediate reaction to log4j, companies can follow detailed recommendations and apply existing patches and apply best practices. But in a second step you should take a general look at processes related to software supply chains. Ultimately, Log4Shell, however security-relevant the gap may be, is “only” a faulty component in the software supply chain, ”says Udo Schneider, IoT Security Evangelist Europe at Trend Micro. Log4Shell - Do you know your software supply chain? The critical threat posed by the Log4Shell vulnerability naturally requires an immediate response. But in the second step, companies generally have to ask themselves questions about ...