This pages is about Swetugg Stockholm 2023. Go to Swetugg Stockholm 2024.

Dan Bergh Johnsson

Omegapoint, VP Academy, Head of Advocates

What the .NET community can learn from the Log4Shell exploit
Katrinebergssalen, Wednesday 16:20 - 17:10

In December 2021, the Java community was hit by the Log4Shell exploit that showed the vulnerability in one of the most common Java frameworks used on the Internet. Obviously .NET isn't vulnerable to this particular attack, but we think there are important insights that apply to .NET equally well.

In this session, we will drive our analysis using Secure by Design to understand why it is important to consider architecture and design around logging – as it is often overlooked and become a potential attack surface.

Dan Bergh Johnsson

Programmer with an interest for security. Uses high-quality and low-latency development to drive security. Agile aficionado, DDD enthusiast, and DevOps admirer. Author of "Secure by Design" [Manning].