Jeff Macko is an associate managing director in the cyber risk practice at corporate investigations and risk consultancy Kroll, based in New York. With over 25 years of experience and several certifications in information technology and security, he leads a team of offensive security experts in North America. Macko discusses: Best practices for identifying and remediating Log4j in the enterprise; Vetting: Strategies for reviewing open-source and other software components; Frameworks: How regulatory proposals such as having a software bill of materials might eventually help, and what IT teams can do in the interim.”]
Source: https://www.cuinfosecurity.com/from-trenches-remediating-widespread-apache-log4j-flaw-a-18358