Overview
Explore the power of Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) in container image assessment through this informative conference talk. Discover how Wolfi, an open-source container-optimized Linux distribution, achieves comprehensive SBOM coverage by accounting for components from each package source code. Learn to analyze and verify SBOMs, understand their construction process, and explore how Wolfi tooling automatically generates OpenVEX documents for newly disclosed CVEs, reducing false positives in security scans. Witness a live demonstration of building a cloud-native application image that includes a complete SBOM and VEX data, showcasing the practical implementation of these powerful security and vulnerability management tools.
Syllabus
Enabling VEX and Full SBOM Coverage with Wolfi Based Containers - Adolfo GarcÃa Veytia, Chainguard
Taught by
Linux Foundation