StatusGator’s Response to Log4J

A popular open source library called Log4J was recently revealed to contain a number of security vulnerabilities. These vulnerabilities affected a wide range of software and services across the world. The United States Cybersecurity and Infrastructure Security Agency has released more background and official guidance that you can read about if interested.

StatusGator production systems were unaffected by Log4J, as they are built entirely in Ruby and hosted on Heroku, which was unaffected. We do make limited use of a business intelligence tool called Metabase which is built in Clojure on the JVM and was affected by the vulnerability, but we quickly patched our systems and were not compromised.

If you have further questions, please reach out.