Now that the dust has settled on both the holiday season and the Log4j vulnerability that saw many of us working through it (CVE-2021-44228), it makes sense to look back and take stock of how things played out. What strategies worked in the face of one of the most notable vulnerabilities of the last decade? To begin with, let’s briefly look at the issue itself. Log4j is a Java logging utility used by just about … Continue reading Log4Shell: A retrospective