If there was still any shortage of public awareness about software supply chain security after SolarWinds, Log4j made sure that every last chief information security officer (CISO) is now aware they have a problem.
For many CISOs, the most startling revelation of the Log4j vulnerability was how difficult it was to discover whether and where the popular library was running in their environments.