What is a Vulnerability? - A Log4Shell story
Software flaws are inevitable, and as Log4Shell recently reminded us, their impact can be massive.
Using Log4Shell as a prime example, we explain:
- What is a vulnerability?
- What is the timeline for dealing with a critical one?
- What happens after its disclosure?
- And how you can try to make sense of all the details and defend against old and new threats.
Read more about vulnerability scores in our blog:
https://sysdig.com/blog/vulnerability-score-cvss-meaning/
Learn how Sysdig Secure can help you defend against vulnerabilities in your cloud and containers:
https://sysdig.com
Chapters:
0:00 Introduction
0:11 What's a Vulnerability?
0:37 Exploit examples
1:16 Log4Shell Timeline
2:36 Vulnerability databases
3:05 Log4Shell NVD details and CVSS score
4:08 Defending from vulnerabilities
5:05 Conclusion