Log4j Vulnerability: A Fireside Chat

Join our panelists as they dive into the attacker’s perspective and how you can identify unusual activity and harden systems against further compromise.

A serious code-execution vulnerability in Log4j (an open source logging utility used in a wide variety of applications) was discovered, which could potentially pose significant impact to organizations globally.

Watch our on-demand webcast to learn more about the implications of the Log4j vulnerability. Our panel  of experts provides an overview of the CVE-2021-44228 vulnerability and what they are seeing so far.

Dan Petro Headshot

About the speaker, Dan Petro

Senior Security Engineer

As a senior security engineer for the Bishop Fox Capability Development team, Dan builds hacker tools, focusing on attack surface discovery. Dan has extensive experience with application penetration testing (static and dynamic), product security reviews, network penetration testing (external and internal), and cryptographic analysis. He has presented at several Black Hats and DEF CONs on topics such as hacking smart safes, hijacking Google Chromecasts, and weaponizing AI. Dan holds both a Bachelor of Science and a Master of Science in Computer Science from Arizona State University.

More by Dan
Ori zigindere

About the speaker, Ori Zigindere

Director of Cosmos Operations at Bishop Fox

Ori Zigindere is Director of COSMOS (formerly CAST) Operations at Bishop Fox with a background in software engineering. He works with a wide range of companies in all major industries and leads a team that helps them improve their security posture against day to day threats.

Ori believes in the value of privacy and security and helps both individuals and organizations to improve their understanding of these topics. In his spare time, he runs WorkshopCon, a company he co-founded, which helps bring together information security students and trainers for world class quality, low cost training.

Ori is an avid volunteer for local information security events in the New England area where he co-organizes Boston Security Meetup and is a board member at OWASP Boston where he is responsible for coordinating volunteers for the annual Boston Application Security Conference (BASC). Ori is a certified GIAC Web Application (GWAPT) and Network Penetration Tester (GPEN) and holds a bachelor's degree in computer science.

More by Ori
Tom Eston

About the speaker, Tom Eston

VP of Consulting and Cosmos at Bishop Fox

Tom Eston is the VP of Consulting and Cosmos at Bishop Fox. Tom's work over his 15 years in cybersecurity has focused on application, network, and red team penetration testing as well as security and privacy advocacy. He has led multiple projects in the cybersecurity community, improved industry standard testing methodologies and is an experienced manager and leader. He is also the founder and co-host of the podcast The Shared Security Show; and a frequent speaker at user groups and international cybersecurity conferences including Black Hat, DEF CON, DerbyCon, SANS, InfoSec World, OWASP AppSec, and ShmooCon.
More by Tom
Justin R

About the speaker, Justin Rhinehart

Senior Analyst

Justin Rhinehart is a Senior Analyst at Bishop Fox on the Bishop Fox Cosmos, formerly known as CAST, team.

More by Justin

Extend Your Knowledge

Check out these related resources.

Webcast on Solar Winds attack featuring cybersecurity experts Vincent Liu, Alex Stamos, and Charles Carmakal.
Webcast

Fireside Chat: What We Learned from the SolarWinds Attack (and Beyond)

On-demand webcast features security experts discussing recent attacks at SolarWinds, Colonial Pipeline, and more.

Learn More
Log4J Rapid Response title with Blue keyhole for illustration of vulnerability. Log4j Vulnerability: Impact Analysis
Advisory

Dec 10, 2021

Log4j Vulnerability: Impact Analysis

By Wes Hutcherson

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.