When there is a fire, you bring a hose of water, not a can of gasoline.

When log4j started, one of the main challenges for organization was to identify which server is vulnerable.

I’m happy to be a part of the team that decide to help with a solution for that problem.

This solution is released as open-source (same like log4j) to help others for the greater good.

Read more about it here: https://medium.com/proferosec-osm/log4jscanner-835dcd0b3430

and get the tool here: https://github.com/proferosec/log4jScanner

Not how many, but where.