Learn critical strategies for handling high-risk CVEs in open source software packages through this conference talk from Microsoft experts. Discover essential tools and approaches for rapid CVE response in container images, from using Copacetic for in-place patching to building projects from scratch. Explore common challenges in building and testing upstream projects, understand emerging industry practices, and gain insights into effectively communicating security risks across teams. Master best practices for managing your open source software supply chain, including identifying potential pitfalls and implementing proper security measures to maintain platform accreditation and business continuity.
Strategies for Patching Critical CVEs in Open Source Software - Best Practices and Tools
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
It's Dangerous to Build It Alone, Take This. - Jeremy Rickard & Ashna Mehrotra, Microsoft
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
Project Copacetic - Directly Patch Container Image Vulnerabilities
-
Cleaning up Vulnerable Images from Kubernetes Nodes
-
Securing the Software Supply Chain: From Threats to Best Practices
-
Enforcing a Secure Supply Chain on Kubernetes
-
The Road to Zero CVEs: People and Technology
-
Open Source CVE Monitoring and Management - Cutting Through the Vulnerability Storm
