Log4j and VMware Tanzu Application Service

December 17, 2021

This video goes into detail on how to perform application and platform mitigation of the Log4j CVEs using VMware Tanzu Application Service. Please note: This content is relevant as of 12/16/21 and could become outdated due to the ever-changing Log4j situation. Here are some additional resources regarding this vulnerability: High-level VMware Security Advisory: https://www.vmware.com/security/advisories/VMSA-2021-0028.html Tanzu Application Service KB: https://community.pivotal.io/s/article/Workaround-instructions-to-address-CVE-2021-44228-in-Tanzu-Application-Service-2-7-through-2-12?language=en_US Operations Manager KB: https://community.pivotal.io/s/article/5004y00001mPn2N1639255611105?language=en_US Buildpack KB: https://community.pivotal.io/s/article/CVE-2021-44228-Apache-Log4j2-JNDI-Remote-Code-Execution?language=en_US Apache Lo4j security link: https://logging.apache.org/log4j/2.x/security.html Example java code: https://stackoverflow.com/questions/70317385/gradle-java-how-to-upgrade-log4j-safely/70321593

Previous
VMware Tanzu Application Service Delivers Operational Excellence During Log4Shell
VMware Tanzu Application Service Delivers Operational Excellence During Log4Shell

Rapid response to Log4Shell vulnerabilities enabled Tanzu Application Service customers to quickly and easi...

Next Video
Expanding VMware Tanzu Application Service with the Cloud Service Broker for AWS
Expanding VMware Tanzu Application Service with the Cloud Service Broker for AWS

This demo showcases how teams can expand their VMware Tanzu Application Service with the Cloud Service Brok...