Security is a process, not a product. Opinion We’re going to be cleaning up Apache Log4j security problems for months to come, but the real problem isn’t that it was open-source software. It’s how we track and use open-source code.…

Source: LXer – Open source isn’t the security problem – misusing it is