Product

Products
Vulnerability Management
Automatically find and fix open source vulnerabilities in dependencies, source files local open source assets
License Compliance Management
Accurate license detection in dependencies and source code with automated source code attribution
Supply Chain Risk & Quality
Open source supply chain risk and quality data detects anomalies that put your company at risk. We automatically alert and gate threatening components
Embedded Open Source Detection
Up to 15% of your software is made from embedded open source. We can detect, report and automatically annotate your source files to ensure compliance

Services
Mergers & Acquisitions + Audits
Quick, comprehensive, and accurate open source license and vulnerability audit with actionable data and automated license annotation.
Resources

Blog Integrations & Language Support
Company

About us
Pricing
Contact

Threatrix Blog

Enterprise open source security & compliance

Month: December 2021

The FTC Will Pursue Companies Not Patching Log4j to Protect Customer Data

Post author By Kristen Bianchi
Post date December 22, 2021
No Comments on The FTC Will Pursue Companies Not Patching Log4j to Protect Customer Data

Log4Shell exploits are present in 17,000 unpatched Log4J packages in the Maven Central ecosystem, posing a significant supply-chain risk. Google security estimates that approximately 17,000 Java packages in the Maven Central repository are vulnerable to Log4j – and that it will take “years” for it to be fixed across the ecosystem. The Log4j bug impacts […]