Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

Linux Foundation

Enabling VEX and Full SBOM Coverage with Wolfi Based Containers

Linux Foundation via YouTube

Overview

Explore the power of Software Bill of Materials (SBOM) and Vulnerability Exploitability eXchange (VEX) in container image assessment through this informative conference talk. Discover how Wolfi, an open-source container-optimized Linux distribution, achieves comprehensive SBOM coverage by accounting for components from each package source code. Learn to analyze and verify SBOMs, understand their construction process, and explore how Wolfi tooling automatically generates OpenVEX documents for newly disclosed CVEs, reducing false positives in security scans. Witness a live demonstration of building a cloud-native application image that includes a complete SBOM and VEX data, showcasing the practical implementation of these powerful security and vulnerability management tools.

Syllabus

Enabling VEX and Full SBOM Coverage with Wolfi Based Containers - Adolfo García Veytia, Chainguard

Taught by

Linux Foundation

Reviews

Start your review of Enabling VEX and Full SBOM Coverage with Wolfi Based Containers

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.