Breaking Free from Vulnerability Scanning Noise - Automated VEX Aggregation for Accuracy

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!

Grab it

Learn about vulnerability scanning accuracy and noise reduction in this 38-minute conference talk from KubeCon + CloudNativeCon. Explore how Vulnerability Exploitability eXchange (VEX) addresses false-positive results in vulnerability scanning through VEX Hub, a centralized repository for automated VEX document aggregation. Discover the challenges of standardized vulnerability scanning distribution and how VEX Hub's architecture enables software maintainers to adopt VEX while seamlessly integrating with existing scanner workflows. See a practical demonstration of VEX Hub's implementation with Trivy, an open-source security scanner, and understand how this integration delivers more precise and actionable security scanning results for users.

Syllabus

Breaking Free from Vulnerability Scanning Noise: Automated VEX Aggregation for Accu... Teppei Fukuda

Taught by

CNCF [Cloud Native Computing Foundation]

Reviews

Start your review of Breaking Free from Vulnerability Scanning Noise - Automated VEX Aggregation for Accuracy

Taught by

Nessus Scanner - Network Scanning from Beginner to Advanced

Automated End-to-End VEX Streams You Can Trust

How to Reduce CVE Noise with VEX - Vulnerability-Exploitability eXchange

SBOMs, VEX, and Kubernetes - Software Supply Chain Security in Cloud Native Environments

Will Large-Scale Automated Scanning Stop Malware on OSS Repositories?

VEXing Open Source Security - Vulnerability Data for Everything

Never Stop Learning.