-
Course
- Security
Talking Tradecraft @ Pluralsight: A Technical Dive into the Log4Shell Exploit
This course is a technical post-mortem of the Log4Shell vulnerability, discussing the impact that has been seen to date, new developments in the remediation, and what to expect in the future.
What you'll learn
This course is a post-mortem of the Log4Shell vulnerability, discussing the impact that has been seen to date, new developments in the remediation, and what to expect in the future. First you will learn about the different effected versions and CVE's that have been assigned to this category of vulnerabilities associated with the Log4J library. Next, we will cover different attacks that have been seen in the wild and how attackers can leverage this exploit in a full attack chain. Last, we will cover a technical walkthrough of the exploit it self and some technical mitigations you can use in any environment.
Table of contents
About the authors
Aaron M. Rosenmund is a cyber security operations subject matter expert, with a background in federal and business defensive and offensive cyber operations and system automation.
More Courses by AaronBri works as the Director of Security and IT Operations Curriculum and Research at Pluralsight creating cybersecurity training content. With a wealth of knowledge as an author of Pluralsight training content, she infuses a "red-team" or attacker-focused mindset into her teachings to grasp security concepts and defense strategies effectively.
More Courses by BriBrandon is a Sr. Security Author at Pluralsight. Prior Experience with Elastic and FL Air National Guard includes threat hunting, security analytics, and incident response.
More Courses by Brandon