Log4J mini lab

Mini Lab
Voting no longer possible
Voting enabled when talk has started

The Log4j security vulnerability better known as Log4Shell was the most severe security issue in years. In this minilab, we will explore and rebuild the exploit in an old and new versions of Java. After this lab, you have a better understanding of this security vulnerability. More importantly, you know why and how to fix similar problems in your application.

Brian Vermeer


Sr. Developer Advocate for Snyk, Java Champion, and Software Engineer with over a decade of hands-on experience in creating and maintaining software. He is passionate about Java, (Pure) Functional Programming and Cybersecurity. Brian is a JUG leader for the Virtual JUG and the NLJUG. He also co-leads the DevSecCon community and is a community manager for Foojay. He is a regular international speaker on mostly Java-related conferences like JavaOne, Devnexus, Devoxx, Jfokus, JavaZone and many more. Besides all that, Brian is a military reserve for the Royal Netherlands Air Force and a Taekwondo Master / Teacher.

Micah Silverman


Micah is Snyk's Director of DevSecOps Acceleration. With 27 years of Java Experience (yup, that's from the beginning) and 21 years as a security professional Micah's authored numerous articles, co-authored a Java EE book, and spoken at many conferences. He's a maker, who's built full-size MAME arcade cabinets and repaired old electronic games ( He brings his love of all things security and Java to a conference near you!