Log4Shell: Lessons Learned

Log4Shell (CVE-2021-44228) is a zero-day arbitrary code execution vulnerability in Log4j that has recently wreaked havoc on our industry. Let's discuss what we've learned from our efforts to find and mitigate what is being called "by far the single biggest, most critical vulnerability ever".

While speakers and presentations are good, our Let's Talk Software Security meetup group is different. No official talks, vendor pitches, or sponsors - we host an open, practitioner-focused discussion where everyone is heard.

How did you find out if your company was impacted? Who did you contact? How quickly did you fix it? What were some of the challenges? What can we do better next time? These are just a few questions we'll address during this session. Be sure to bring your thoughts, opinions, and questions and let's learn from each other!