Talking Tradecraft @ Pluralsight: A Technical Dive into the Log4Shell Exploit
This course is a technical post-mortem of the Log4Shell vulnerability, discussing the impact that has been seen to date, new developments in the remediation, and what to expect in the future.
This course is a post-mortem of the Log4Shell vulnerability, discussing the impact that has been seen to date, new developments in the remediation, and what to expect in the future. First you will learn about the different effected versions and CVE’s that have been assigned to this category of vulnerabilities associated with the Log4J library. Next, we will cover different attacks that have been seen in the wild and how attackers can leverage this exploit in a full attack chain. Last, we will cover a technical walkthrough of the exploit it self and some technical mitigations you can use in any environment.
Author Name: Aaron Rosenmund
Author Description:
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation. Leveraging his administration and automation experience, Aaron actively contributes to multiple open and closed source security operation platform projects and continues to create tools and content to benefit the community. As an educator & cyber security researcher at Pluralsight, he is focused on advancing cyber secur… more
Table of Contents
- Log4j In-depth Overview
5mins - How Is Log4j Being Used?
13mins - Demo: Log4j
32mins - Prevention
5mins
There are no reviews yet.