The Salt team hosted Office Hours to discuss the Log4Shell/CVE-2021-44228 vulnerability including:
- an overview of the vulnerability
- best practices for mitigating it
- insights on how the Salt AI/ML algorithms detected it before the news was public
Our VP of Security Research, Yaniv Balmas, calls Log4Shell “one of the worst” vulnerabilities he’s seen in many years. He takes questions about the vulnerability and potential exploits, and Elad Koren, our VP of Product Management, addressed how Salt approached identifying if the Salt platform was susceptible (it wasn’t) and how we rapidly updated our platform to identify bad actors attempting to exploit this vuln.