WhiteSource - The Log4j Problem: Implications For Addressing Open Source Risks
Common Sense Network & Learn

The Log4j Problem: Implications
For Addressing Open Source Risks
– A Virtual Wine Appreciation

17th March, 2022, 17:00 – 18:15 CET, Successfully held

Request Detailed Session Notes

We are careful about who we send this key document to. The session notes will be sent based on the request, provided your profile matches our qualification criteria.

Presented by

WhiteSource - The Log4j Problem: Implications For Addressing Open Source Risks

Here’s what we discussed:

Companies looking to exit the vulnerability-fix cycle of Log4J are looking for the right approaches to minimize the risk and exploitability.

In this session, we discussed the best practices and processes needed to deal with such vulnerabilities and how organizations should manage their open source security risks.

Agenda

17:00 – 17:10 CET

Session and participant intro

17:11– 17:30 CET

Guided Wine Tasting by a Wine experts

17:31 – 18:10 CET

Interactive discussion on the topic

18:11 – 18:15 CET

Closing

Solution Expert

Rhys Arkins
Director of Product Management at WhiteSource
LinkedIn

Evangelist

Ricardo Sueiras
Principal Advocate in Open Source at AWS
LinkedIn

Here is what we learned:

Martin Clough, Head of Software Development – Group Functions, Nordea

• Clough said he doesn’t know of a single development team that wasn’t impacted by this. Everyone had some work to do between Christmas and New Year’s. It involved fixing its own apps, waiting for vendor patches, and ever-changing advice.
• The whole experience renewed their interest in SEA tools and more.
• They learned that by nature, they are a Java shop because these vulnerabilities are deep inside.

James Turland, Senior Information Security Manager, Aegon

• From an impact point of view, they had 3 figures of apps that were vulnerable thanks to mergers and acquisitions.
• With the development team outsourced to India, it meant fending for themselves to find the root cause of the vulnerability.
• James was interested in finding out how long it took for other companies to upgrade, and what the business impact was.
• The longer piece was tracking down thousands of third-party providers.
• Additionally, it was a huge suck on resources, and the ability to roll out new products.

Request detailed session notes

We are careful about who we send this key document to. The session notes will be sent based on the request, provided your profile matches our qualification criteria.

About WhiteSource: 

WhiteSource helps organizations accelerate‌ the development of secure software ‌at‌ ‌scale‌. We provide automated tools that help bridge the security knowledge gap, integrating easily into the software development life cycle, and going beyond detection with a remediation-first approach. WhiteSource is built on the most comprehensive vulnerability database in the industry, providing the widest coverage for threats and attack vectors. Our solution helps enterprises like Microsoft, IBM, Comcast, Philips, and many more reduce security risk and increase the productivity of their security and development teams. For more information, visit www.whitesourcesoftware.com.

Participation in this Virtual International Wine Appreciation is free of charge to qualified attendees. Once you’ve completed the registration, we’ll confirm your invitation and send you a calendar invite with a link to the meeting.

Here’s what attendees at past events have said:

Other active events

Talk To Us About Attending Future Events











    This site is protected by Invisible reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    Receive Upcoming Event Notifications
    Find out about upcoming events you or your team may want to attend.
    SUBMIT
    By hitting submit, you agree to receive important updates from Common Sense.