Case Study: LiveRamp remediates Log4Shell with Snyk

How LiveRamp used Snyk to remediate Log4Shell

LiveRamp, a data connectivity company, was preparing to secure its CI/CD pipeline when the Log4Shell zero-day vulnerability hit in Log4j. At the time, the team had just completed a proof-of-concept with Snyk and was beginning to implement Snyk Open Source and Snyk Container to improve visibility across its Java applications and containers.

Using Snyk’s API import tool and container scanning, LiveRamp quickly identified vulnerable Log4j instances across its environment, including 400 Java projects and container images in GCR. Snyk helped LiveRamp remediate 23% of those Java projects, prioritize external-facing apps first, and eliminate all Log4Shell instances from external and internal applications by year-end; full remediation of vulnerable Log4j versions took until the end of January.

LiveRamp

John Jelinek

Staff DevOps Engineer