Next 2022 Log4j Reflections, Software Dependencies and Open Source Security

Guest:

• Dr Nicky Ringland, Product Manager for Open Source Insights, Google

Topics:

• Let's talk Open Source Software - are all these dependencies dependable?
• Why was log4j such a big thing - at a whole ecosystem level?
• Was it actually a Java / Maven problem? Are other languages “better” or more secure?
• Is another log4j inevitable? What can organizations to minimise their own risks?

 Resources:

• Google Cloud Next 2022
• Open Source Insights at deps.dev
• Blog at blog.deps.dev with posts on Understanding the Impact of Apache Log4j Vulnerability and what happens After the Advisory
• Assured Open Source Software service