If you’ve been online at all this week, chances are that you’ve heard about the Log4Shell zero-day (CVE-2021-44228) in Log4J, a popular Java logging library. The vulnerability enables Remote Code Execution (RCE), which allows attackers to run arbitrary code on the target’s machines. I know the first question that you all have is: “Is Kong affected by Log4Shell?” Let’s start with the good news: No Kong products are affected by this Log4J vulnerability.
Here at Appian, we have experienced tremendous growth in the past few years by helping our customers solve their most important business problems faster. We do this by providing a low-code platform that brings together humans, systems, and most recently, robots in support of any mission.
Your data is safe with Rollbar. A zero day in the Java ecosystem was discovered that could exploit Apache’s Log4J library. The vulnerability can, potentially, impact users of Rollbar’s Java SDK if they selected Log4J for their project. We recommend that all projects that are dependent on Log4J upgrade their dependencies so they require a version at/after 2.16.0.
Every day, we use and generate huge amounts of data. And this data is used by different sectors like healthcare, finance, marketing, and others. However, data breaches are increasingly rampant these days. That’s why such sensitive information should be safeguarded. This is where penetration hacking comes in handy. Penetration testing or ethical hacking is used to get access to resources. Hackers carry out attacks to uncover security vulnerabilities and assess their strengths.
If you’re working in a regulated industry, compliance audits are a part of your day-to-day. Without the right processes in place to follow applicable standards, compliance can be tricky, and audits can be daunting. In order to successfully comply with regulatory standards applicable in your industry, you will be required to adopt a set of tools and practices as part of your product lifecycle itself.
The Neosec platform integrates with Kong Gateway Enterprise to provide automated and continuous API discovery, API risk posture alerting and API protection through behavioral analytics and response automation. And it does all that while being out of band, using the logs shipped from Kong to Neosec.
Software security breaches pose a major safety and security threats. However, writing high quality, secure code can be a challenge without the right tools and knowledge. Read along or jump ahead to the section that interests you the most.
Javascript is here to stay! And the server-side Node.js project is no different 💚. This year marks the 12th (Dec 4, 2009) anniversary of the birth of Node.js, and although it may seem incredible, Javascript has been around for 25 years and the web respectively 32 years. The ecosystem of Node.js is mature and supported by an active community of library developers and authors. Being so popular, it also becomes an exciting challenge for crackers.
