RudderStack Unaffected by Log4j Vulnerability

We'll send you updates from the blog and monthly release notes.

Kristen Glass

Director of Product Marketing at RudderStack

You may be aware of the widespread security issue relating to the Log4j vulnerability that has affected many companies and vendors. We are happy to report that our systems are unaffected by this vulnerability.

What is the scope of the Log4j vulnerability?

Apache Log4j is a popular Java-based logging library that gives developers an easy way to build a record of activity that can be used for auditing, data tracking, troubleshooting and more. Many companies around the world use Log4j to configure their applications. Last week, a vulnerability involving remote code execution was discovered. While that vulnerability is now patched, cybersecurity experts are raising concerns as thousands of hacking attempts are occurring per hour.

Why is RudderStack a safer solution for customer data pipelines?

RudderStack does not use Log4j or any software impacted by this vulnerability. Our approach is warehouse-first and we do not store sensitive information. With RudderStack, your warehouse is turned into a data pipeline infrastructure. Our customers can implement the RudderStack SDKs just once and then automatically send data to their warehouse and business tools without API changes and broken pipelines.

If you are interested in exploring a safer way to set up, collect, transform, and route your customer data, try RudderStack for free.