Java Security: Log4J, the SecurityManager, and Funding (Erik Costlow)

Name: Java Security: Log4J, the SecurityManager, and Funding (Erik Costlow)
Uploaded: Feb 10, 2022
Duration: 2276 s
Description: A demonstration of log4j exploits, which defenses people tried, and which worked. We'll cover how groups responded effectively to patch to see what was common. We'll also look at open source funding models, subscriptions, and bug bounty programs to see why it's sometimes hard to donate. This talk will use actual exploit code that takes over systems through their log messages to open calculators.

Friends of OpenJDK (Foojay.io)210 subscribers

85 views

Feb 10, 2022

37:56

A demonstration of log4j exploits, which defenses people tried, and which worked. We'll cover how groups responded effectively to patch to see what was common. We'll also look at open source funding models, subscriptions, and bug bounty programs to see why it's sometimes hard to donate. This talk will use actual exploit code that takes over systems through their log messages to open calculators.

Download

1 formats

Video Formats

360pmp449.8 MB

Download

Right-click 'Download' and select 'Save Link As' if the file opens in a new tab.