TheServerSide

Spring XML configuration

The introduction of Spring annotations such as @Bean and @Component, which greatly simplify how to provision and autowire Spring managed beans, triggered a mass exodus from XML-based Spring ...
Infosecurity-magazine.com

RSAC: Log4J Still Among Top Exploited Vulnerabilities, Cato Finds

Three years after its discovery, the Log4J vulnerability (CVE-2021-44228) exploit remains one of the most attempted exploits observed by cloud security provider Cato Networks. Cato Cyber Threat ...
Search Engine Land

XML sitemaps and SEO: What you need to know

XML sitemaps just turned 18 in June, and in honor of its full-fledged introduction into adulthood, I’m breaking down how XML sitemaps work, how to build one, and why XML sitemaps offer a boatload of ...
CSOonline

Cyber Safety Review Board warns that Log4j event is an “endemic vulnerability”

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released the first report of the Cyber Safety Review Board (CSRB), formed in February as directed under President Biden’s May 2021 ...
TechRepublic

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps

Log4j postmortem: Developers are taking a hard look at software supply-chain security gaps Your email has been sent With so many security and developer teams doing postmortems on the Log4j security ...
Forbes

Log4J Security: Why Threat Detection And Response Are As Critical As Patching

President of Anomali. A leader in intelligence-driven cybersecurity, an ArcSight cofounder and an Ernst & Young Entrepreneur of The Year. If you are like most security leaders, you've encountered ...
Network World

Log4j hearing: ‘Open source is not the problem’

The high-tech community is still trying to figure out the long-term impact of the serious vulnerability found late last year in the open-source Apache Log4j software, and so is the US Senate. “Open ...
TheServerSide

Lessons learned from the Log4j vulnerability

Community driven content discussing all aspects of software development from DevOps to design patterns. In case you’ve been hiding under a rock – or perhaps hiding from endless yelping about security ...
acm.org

Log4j and the Thankless High-Risk Task of Managing Software Component Upgrades

There are many dependency management frameworks for utilizing software components, and the Log4j website has thorough documentation on how to include Log4j with several such as Maven, Ivy, Gradle, and ...
Computer Weekly

Top three questions about the Log4j vulnerability

In December 2021, a vulnerability in the open source Log4J logging service used by developers to monitor their Java applications first came to light, leaving enterprises scrambling to patch affected ...
Gizmodo

After Log4j, Open-Source Software Is Now a National Security Issue

The White House convened a meeting between some of tech's biggest players Thursday to discuss how the security of open-source software could be improved. Reading time 2 minutes For years, developers ...