I've follow up application security tools build history to figure out which company took action against Log4j vulnerability first.
9 min read
Log4j (CVE-2021-44228) is the latest news in the cybersphere, and It looks like we haven't seen it all yet.
First, it was reported by Chen Zhaojun from Alibaba Cloud Security Team on December 9. However, thanks to Cloudflare CEO Matthew Prince, now we know that there have been early tracks of Log4j exploitation since December 1.
The issue is still hot, and every day new vulnerability reports are getting published about Log4j.
Now let's see which dast tools can detect Log4j at the moment and how fast they released an update for it?
Now I want to hear from you.
What is your experience with your DAST tool to detect Log4j?
VERY GOOD POST
thanks, Amal. I will keep updating the list with the additional info coming from vendors.