About Us

Laser Focus World is an industry bedrock—first published in 1965 and still going strong. We publish original articles about cutting-edge advances in lasers, optics, photonics, sensors, and quantum technologies, as well as test and measurement, and the shift currently underway to usher in the photonic integrated circuits, optical interconnects, and copackaged electronics and photonics to deliver the speed and efficiency essential for data centers of the future.

Our 80,000 qualified print subscribers—and 130,000 12-month engaged online audience—trust us to dive in and provide original journalism you won’t find elsewhere covering key emerging areas such as laser-driven inertial confinement fusion, lasers in space, integrated photonics, chipscale lasers, LiDAR, metasurfaces, high-energy laser weaponry, photonic crystals, and quantum computing/sensors/communications. We cover the innovations driving these markets.

Laser Focus World is part of Endeavor Business Media, a division of EndeavorB2B.

Laser Focus World Membership

Never miss any articles, videos, podcasts, or webinars by signing up for membership access to Laser Focus World online. You can manage your preferences all in one place—and provide our editorial team with your valued feedback.

Magazine Subscription

Can you subscribe to receive our print issue for free? Yes, you sure can!

Newsletter Subscription

Laser Focus World newsletter subscription is free to qualified professionals:

The Daily Beam

Showcases the newest content from Laser Focus World, including photonics- and optics-based applications, components, research, and trends. (Daily)

Product Watch

The latest in products within the photonics industry. (9x per year)

Bio & Life Sciences Product Watch

The latest in products within the biophotonics industry. (4x per year)

Laser Processing Product Watch

The latest in products within the laser processing industry. (3x per year)

Get Published!

If you’d like to write an article for us, reach out with a short pitch to Sally Cole Johnson: [email protected]. We love to hear from you.

Photonics Hot List

Laser Focus World produces a video newscast that gives a peek into what’s happening in the world of photonics.

Following the Photons: A Photonics Podcast

Following the Photons: A Photonics Podcast dives deep into the fascinating world of photonics. Our weekly episodes feature interviews and discussions with industry and research experts, providing valuable perspectives on the issues, technologies, and trends shaping the photonics community.

Social Media

BlueskyFacebookInstagram LinkedIn • YouTube

Meet the Laser Focus World Team

Editorial

Sales

Editorial Advisory Board

  • Professor Andrea M. Armani, University of Southern California
  • Ruti Ben-Shlomi, Ph.D., LightSolver
  • James Butler, Ph.D., Hamamatsu
  • Natalie Fardian-Melamed, Ph.D., Columbia University
  • Justin Sigley, Ph.D., AmeriCOM
  • Professor Birgit Stiller, Max Planck Institute for the Science of Light, and Leibniz University of Hannover
  • Professor Stephen Sweeney, University of Glasgow
  • Mohan Wang, Ph.D., University of Oxford
  • Professor Xuchen Wang, Harbin Engineering University
  • Professor Stefan Witte, Delft University of Technology
My Watchlist
Indicators
Industrial Laser Index
Markets
Stocks
ETFs
Tools
Markets:
Overview
News
Currencies
International
Treasuries

JFrog Releases OSS Tools to Identify Log4j Utilization in Both Binaries & Source Code

By: via Business Wire

Open-Source Tools Allow Developers to Quickly Determine Exposure & Focus Remediation Efforts to Speed Time to Resolution

JFrog Ltd. (“JFrog”) (NASDAQ: FROG), the Liquid Software company and creators of the JFrog DevOps Platform, today released free scanning tools specifically designed for developers to detect the presence and utilization of Apache Log4j in both source code and binaries. The four new tools are available for download immediately via GitHub in both Java and Python.

The new tools perform specialized scans to identify direct or indirect (transitive) dependencies, as well as instances where Log4j does not appear as a separate file, but is bundled inside a larger software package and harder to detect. The new tools are command line-based for easy integration with developers’ existing environments and their open-core helps ensure the capabilities will continue to evolve over time as needs change.

“The Log4j vulnerability has set the enterprise software landscape on fire due to its widespread usage as a component across the software supply chain, making it difficult to rapidly pinpoint and remediate,” said Asaf Karas, CTO of JFrog Security Research. “In times of crisis open-source tools that scan both binaries and source code allow community collaboration and contributions to collectively solve immediate and long-term security issues, which is why we’re proud to release these tools today.”

Industry research estimates nearly half of all global enterprises have already been impacted by the Log4j vulnerability with incidents rising by the day. Government officials from Austria, Canada, New Zealand, the U.K., and the U.S. have also sounded alarms over this recently exposed vulnerability and are recommending immediate action by enterprises and software providers alike.

The Log4j vulnerability was originally discovered and reported to Apache by the Alibaba cloud security team on November 24th. MITRE assigned CVE-2021-44228 to this vulnerability, which has since been dubbed Log4Shell by security researchers. JFrog’s Security Research team detailed currently known Log4j vulnerabilities and outlined best practices for how to identify and address them in this blog, which is being continuously updated.

Interested parties can also register to learn more about Log4j, its impact, and how to quickly identify and manage threats in JFrog’s webinar, Log4Shell Vulnerability: All you need to know,” taking place on Thursday, December 16, 2021 at 11 am PT/2 pm ET.

Like this Story? Tweet this: .@jfrog releases 4 new OSS tools to help identify and remediate Log4j vulnerabilities. Download them now: https://github.com/jfrog/log4j-tools

About JFrog

JFrog is on a mission to be the company powering all of the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The company’s end-to-end DevOps platform – the JFrog Platform - provides the tools and visibility required by modern organizations to solve today’s challenges across critical pieces of the DevOps cycle. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services on a number of cloud service provider platforms. JFrog is trusted by millions of users and thousands of customers, including a majority of the Fortune 100 companies that depend on JFrog solutions to manage their mission-critical software delivery pipelines. Learn more at jfrog.com.

Cautionary Note About Forward-Looking Statements

This press release contains “forward-looking” statements, as that term is defined under the U.S. federal securities laws, including but not limited to statements regarding open-source tools that allow developers to quickly determine exposure and focus remediation efforts to speed time to resolution, our ability to meet customer needs, and our ability to drive market standards. These forward-looking statements are based on our current assumptions, expectations and beliefs and are subject to substantial risks, uncertainties, assumptions and changes in circumstances that may cause JFrog’s actual results, performance or achievements to differ materially from those expressed or implied in any forward-looking statement.

There are a significant number of factors that could cause actual results, performance or achievements, to differ materially from statements made in this press release, including but not limited to risks detailed in our filings with the Securities and Exchange Commission, including in our annual report on Form 10-K for the year ended December 31, 2020, our quarterly reports on Form 10-Q, and other filings and reports that we may file from time to time with the Securities and Exchange Commission. Forward-looking statements represent our beliefs and assumptions only as of the date of this press release. We disclaim any obligation to update forward-looking statements.

Contacts

More News

View More
Eli Lilly Stock Soars on Trump Tariff Hopes and Pfizer Deal
Via MarketBeat
Topics Government World Trade
Tickers LLY PFE
3 Exceptional Stocks to Build Long-Term Wealth
Via MarketBeat
Topics Economy
Tickers ABBV COST RKLB
Insider Sales Jump at Broadcom and CoreWeave: Red Flag Ahead?
Via MarketBeat
Topics Artificial Intelligence
Tickers AVGO CRWV NVDA
Marvell Insiders Buy Shares—Should Investors Follow Suit?
Via MarketBeat
Topics Artificial Intelligence
Tickers MRVL NVDA ORCL
Trump’s Drug Price Cuts: Boom or Bust for These 3 Pharma Giants
Via MarketBeat
Topics Government Supply Chain World Trade
Tickers JNJ LLY PFE
Stock Quote API & Stock News API supplied by www.cloudquote.io
Quotes delayed at least 20 minutes.
By accessing this page, you agree to the following
Privacy Policy and Terms Of Service.