Reimagining Cyber - real world perspectives on cybersecurity

Log4j Vulnerabilities: All You Need to Know and How to Protect Yourself - Ep 26

Reimagining Cyber Season 1 Episode 26

Share episode

Steve Springett, who leads software security for ServiceNow in their product security team, is an open-source software (OSS) advocate and is also passionate about helping organizations reduce OSS associated risk. In this podcast episode Springett explains the Log4j vulnerabilities and their potential exploit. He also shares the process enterprises need to take to respond to OSS incidents and how some of the OWASP projects he is involved in can be used to mitigate OSS and software supply chain risks. Links to the resources we discuss are below:OWASP Dependency-Track project: https://dependencytrack.org/OWASP CycloneDX: https://owasp.org/www-project-cyclonedx/OWASP Software Component Verification Standard (SCVS): https://owasp.org/www-project-software-component-verification-standard/Vulnerability Exploitability eXchange (VEX): https://blog.adolus.com/what-is-vex-and-what-does-it-have-to-do-with-sboms

It's 5 years since Reimagining Cyber began. Thanks to all of our loyal listeners!

As featured on Million Podcasts'

Best 100 Cybersecurity Podcasts

Top 50 Chief Information Security Officer CISO Podcasts

Top 70 Security Hacking Podcasts

This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!

Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via reimaginingcyber@gmail.com






Head Shot

Rob Aragao

Co-host
Head Shot

Tyler Moffitt

Co-host