All Day DevOps: Third of Log4j downloads still pull vulnerable version despite threat of supply chain attacks

AppSec engineer Sean Wright warned at the All Day DevOps conference that controls need to be put in place to counter a 742% rise in next-generation supply chain attacks, which have grown rapidly since the SolarWinds incident. To protect againstattacks, companies should ensure servers are well-protected and restrict outbound access. Wright also advised security teams to pay attention to the vector of vulnerability over the severity score.