The Java Agent: Modifying Bytecode at Runtime to Protect Against Log4J
You need to be signed in to add a collection
Java Agents are a powerful tool to instrument or modify your application at runtime. But how do they work? In this talk, I'll be going through how they work when configured at startup as well as attaching an agent to a running process. I'll show how the underlying Java Agent API works, how it can be used to both analyse an application and modify the application using a simple example of Bytecode modification to protect against Log4J and other vulnerabilities.
Transcript
Java Agents are a powerful tool to instrument or modify your application at runtime. But how do they work? In this talk, I'll be going through how they work when configured at startup as well as attaching an agent to a running process.
I'll show how the underlying Java Agent API works, how it can be used to both analyse an application and modify the application using a simple example of Bytecode modification to protect against Log4J and other vulnerabilities.
About the speakers
Senior Application Security Researcher at Contrast Security