Lieuwe Jan Koning Archives

The Log4j lessons: so what IS vulnerability management anyway?

June 30, 2022April 20, 2022

In our first Log4j lessons blog, we focused on the necessity of becoming very, very good at patching, and making it a well-documented and automated routine in your IT-environment. This might sound obvious, but many organizations hit serious hurdles in their initial Log4j handling because their patch machine did not start cold. Our main takeaway … Read more

The Log4j lessons: If it ain’t broke, fix it now!

January 3, 2023January 21, 2022

A blog series with the title The Log4J lessons might suggest that the fallout of the Log4j vulnerability is mostly behind us. Indeed, since the end of 2021, there has been a tremendous effort from technology vendors, SOC’s and IT departments to mitigate this threat. But given the widespread usage of this open-source logging library and the … Read more