Maintained with ☕️ by
IcePanel logo

Amazon CodeGuru Reviewer now detects Apache Log4j and other log injection vulnerabilities in code

Share

Services

[Amazon CodeGuru](/codeguru/) is a developer tool powered by machine learning that provides intelligent recommendations to detect security vulnerabilities, improve code quality, and identify an application’s most expensive lines of code. Today we are announcing a new log injection detector that analyzes your Java or Python code for potentially unsafe logging statements, including those that could be leveraged by the Apache Log4j issue. This works by confirming your code prevents attackers from forging log entries, injecting malicious content into logs, or remote code execution (RCE). When a log injection vulnerability is found, CodeGuru Reviewer provides an actionable recommendation from a repository analysis in the CodeGuru console or as a pull request comment. When you add a new repository to Amazon CodeGuru Reviewer, the service performs an initial repository analysis and provides recommendations on a wide range of code quality and security issues including log injection attacks. As your codebase evolves, CodeGuru Reviewer continues to help you protect your application by integrating into your pull request workflow or CI/CD pipeline. To get started with Amazon CodeGuru Reviewer log injection detector, visit the [blog](https://aws.amazon.com/blogs/aws/new-for-amazon-codeguru-reviewer-detector-library-and-security-detectors-for-log-injection-flaws/), [CodeGuru Reviewer Detector Library](https://docs.aws.amazon.com/codeguru/detector-library/index.html), or the [user guide](https://docs.aws.amazon.com/codeguru/latest/reviewer-ug/recommendations.html). To learn more about Amazon CodeGuru Reviewer, take a look at the [Amazon CodeGuru page](/codeguru/). To contact the team, visit the Amazon CodeGuru [developer forum](https://forums.aws.amazon.com/forum.jspa?forumID=360).