Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

From SBOMs to F-Bombs: Vulnerability Analysis, SCA Tools, and False Positives and Negatives

OWASP Foundation via YouTube

Overview

Explore the complexities of vulnerability management in third-party software through this 46-minute OWASP Foundation conference talk. Delve into the world of Software Composition Analysis (SCA) tools and Software Bill of Materials (SBOMs), examining their effectiveness in addressing security concerns like Log4Shell and supply chain attacks. Gain insights from the perspective of a FOSS security library provider on the challenges and potential improvements in the vulnerability management process. Learn how AppSec engineers and developers can streamline and enhance their approach to identifying and mitigating security risks in third-party dependencies. Benefit from the speaker's extensive experience in application security, applied cryptography, and web AppSec as you navigate the intricate landscape of false positives and negatives in vulnerability analysis.

Syllabus

From SBOMs to F-Bombs: Vulnerability Analysis, SCA Tools, and False Positives & Negatives

Taught by

OWASP Foundation

Reviews

Start your review of From SBOMs to F-Bombs: Vulnerability Analysis, SCA Tools, and False Positives and Negatives

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.