Back to All Events

OWASP Suffolk Chapter - Log4J - Past, Present, and Future

The Talk:

The log4j incident shocked the world back in December - but by implementing the proper protocols and tools early-on organizations can be better prepared moving forward. Logs, metrics, security, and metrics can be your secret weapon when it comes to the observability of your applications and software. But are you using all of your data sources to their full potential?

We’ll go over what organizations should keep in mind before, during, and post-security vulnerabilities (based on the log4j incident) when it comes to their monitoring tools and how powerful insights can be pulled to avoid delayed crisis management.

Goals:
1. Dive into logs, metrics, and security
a. What they can be used for, aka what information can be pulled & what insights can be gathered
i. Regarding security specifically - tailor-made security alerting rules for organizations
c. What are the benefits
2. Discuss the log4j incident
a. What it was, why it happened, timeline, etc
b. What were the implications/What was the impact
c. How it was resolved
d. What went well
e. What didn’t go well
3. Post log4j
a. How can organizations better protect themselves
4. Introduce Every log is a security log
5. Conclusion: There’s a growing list of companies suffering from security breaches - don’t be one of them. Get ahead of the game and protect yourself now and in the future.

About the speakers:

Ariel is a veteran of the Israeli intelligence elite unit 8200. He has over 10 years of Product and team management experience and was the former product manager at the IDF and QA & Integration GL at Verint.

Yuval Khalifa - Chief Security Architect at Coralogix

A former enterprise security expert at Sygnia, Cyber solutions architect at the IAI, and a CTO at the largest insurance agency in Israel. Yuval has vast experience in Cybersecurity secure coding, network architecture, and AI/ML.

Agenda:

  • Welcome and OWASP updates

  • Talk: Log4J - Past, Present, and Future

  • Q&A

Previous
Previous
17 May

SIMS - You Don't Need A Website

Next
Next
19 May

Thirsty Robot Online Pub