Log4Shell PoC exploit and mitigation demo on Kubernetes

Log4Shell PoC exploit and mitigation demo on Kubernetes

Dec 23, 2021

Demonstration of an RCE against the Log4Shell / CVE-2021-44228 vulnerability on a PoC Java EE app running on Kubernetes. I also go over a few mitigation steps you can take to reduce your exposure to this and other such exploits.

References mentioned in the video:

Tools used in the demo:
Docker Desktop: https://docs.docker.com/desktop/
Minikube: https://minikube.sigs.k8s.io/
kubectl: https://kubernetes.io/docs/tasks/tools/#kubectl

Snyk helps software-driven businesses develop fast and stay secure. Continuously find and fix vulnerabilities for npm, Maven, NuGet, RubyGems, PyPI and more.

Learn more about Snyk http://bit.ly/snyk-io

📱Social Media📱
Twitter: https://twitter.com/snyksec
Facebook: https://www.facebook.com/snyksec
LinkedIn: https://www.linkedin.com/company/snyk
Website: https://snyk.io/