Remediating vulnerabilities without derailing productivity

Improve your readiness to reduce the impact of the next CVE



Early in December 2021, the most critical and widespread zero-day exploit in years was announced, impacting companies large and small. For nearly a week, there were even rumours that one of NASA's Mars rovers was vulnerable. Log4Shell, as it has been named, was a vulnerability in the popular library Log4j, used for logging across most Java applications.

CVE-2021-44228 was just the latest, and largest, of a series of Common Vulnerabilities and Exposures (CVE) announcements. Each time you get the bad news, it upends your carefully planned software development process. Scheduled work comes to a grinding halt so you can perform essential emergency surgery on your applications.

How do you prepare your team to absorb the unplanned work that a new vulnerability creates in your software without blowing up sprints and derailing productivity for months? If you said "never again" after dealing with the Log4j CVE, our latest Regcast is right up your street. Join Peter Chestna of Checkmarx, who will be talking to El Reg's Tim Phillips about how to achieve your time-to-market goals without compromising security. You will learn:

  • The true scope of the mess created by the Log4j CVE
  • Why most companies struggled to address it quickly
  • The steps you can take to be ready for the next one