Do you want your ad here?

Contact us to get your ad seen by thousands of users every day!

[email protected]

Java Security: Log4J, the SecurityManager, and Funding

  • March 24, 2023
  • 1397 Unique Views
  • < 1 min read

A demonstration of log4j exploits, which defenses people tried, and which worked.

We'll cover how groups responded effectively to patch to see what was common.

We'll also look at open source funding models, subscriptions, and bug bounty programs to see why it's sometimes hard to donate.

This talk uses actual exploit code that takes over systems through their log messages to open calculators.

Avatar photo

Erik Costlow

Author

Erik Costlow was Oracle’s principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.

Avatar photo

Erik Costlow

Author

Erik Costlow was Oracle’s principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.

Learn more

Trending

Week Month All

Foojay Podcast #65: Boost Your Career in 2025!

Make the Life of your Developer Client’s Easier with Smart Object Builders

The slow Death of the onjcmd Debugger Feature

Rate limiting with Redis: An essential guide

Fixed Window Counter Rate Limiter (Redis & Java)

Java Conferences in 2025

Reflections on 2024: A Remarkable Year for OmniFish, GlassFish, Piranha, and Jakarta EE

Indexing all of Wikipedia, on a laptop

“Transitioning to Java”: My First Book!

Book Review: Mastering the Java Virtual Machine

foojay: A Place for Friends of OpenJDK

Dashboard for OpenJDK Update Release Details

JDK14: New Features and Enhancements

Fun with Flags: My Top 10 Resources for JVM Flags

Performance of Modern Java on Data-Heavy Workloads: Real-Time Streaming

Performance of Modern Java on Data-Heavy Workloads: Batch Processing

How does Java handle different Images and ColorSpaces – Part 1

How does Java handle different Images and ColorSpaces – Part 2

How does Java handle different Images and ColorSpaces – Part 3

How does Java handle different Images and ColorSpaces – Part 4

Indexing all of Wikipedia, on a laptop

Working with Multiple Carets in IntelliJ IDEA

Java 17 on the Raspberry Pi

Clean Shutdown of Spring Boot Applications

Foojay Slack: bit.ly/join-foojay-slack

How to Create Mobile Apps with JavaFX (Part 1)

Beginning JavaFX Applications with IntelliJ IDE

SpringBoot 3.2 + CRaC

Project Panama for Newbies (Part 1)

Java 21 is Available Today, And It’s Quite the Update

Do you want your ad here?

Contact us to get your ad seen by thousands of users every day!

[email protected]

Related Articles

Java: Where the Wild Code Isn’t
Java: Where the Wild Code Isn’t
Sep 17 4,5K
Erik Costlow
Security
Java's Project Panama
Project Panama for Newbies (Part 1)
Project Panama for Newbies (Part 1)
Aug 10 25,3K
Carl Dea
Project Panama
1
JEPs
7 Reasons Why, After 26 Years, Java Still Makes Sense!
7 Reasons Why, After 26 Years, Java Still Makes Sense!
Mar 15 22,1K
A N M Bazlur Rahman
Java Core
2
Opinion Java Beginner

Comments (0)

Highlight your code snippets using [code lang="language name"] shortcode. Just insert your code between opening and closing tag: [code lang="java"] code [/code]. Or specify another language.

No comments yet. Be the first.

Set Event Reminder

Subscribe to foojay updates:

https://foojay.io/feed/
Copied to the clipboard