We want our customers to rest assured that our Snapshot product is not vulnerable to the Log4j security exploit.
Snapshot is a desktop application that communicates directly between your personal computer and your Salesforce account. This architecture is similar to Tableau, Salesforce DX and Slack. We don’t have a cloud that can be attacked, or a server that can be compromised. We can’t lose your data, passwords, or Session IDs because we don’t have access to that information in the first place. Snapshot was purpose built to avoid security problems like Log4j, as well as other future enterprise server and data center vulnerabilities that have not yet been discovered.
Bill Appleton
CTO Metazoa
Snapshot Security Policy: https://www.metazoa.com/privacy-and-security/
More information about Log4j: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228
The Risk of Storing Metadata in the Cloud: https://www.metazoa.com/cloud-storage-metadata-risk/