Explore effective vulnerability management strategies for cloud-native environments in this informative conference talk. Learn how to leverage open-source tools like Trivy and Copacetic, along with open standards such as VEX, to streamline and automate the process of managing vulnerabilities in containers. Discover practical techniques for improving the security posture of cloud-native workloads across development, testing, and production environments. Gain insights into reducing noise and efficiently tracking patches and exceptions at scale. Walk away with actionable knowledge to enhance your organization's security practices and effectively manage vulnerabilities in the cloud-native landscape.
Scan, Patch, VEX - Using Open Source Tools to Manage Vulnerabilities in Containers
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
Scan, Patch, VEX - Using Open Source Tools to Manage...Toddy Mladenov & Sertaç Özercan, Itay Shakury
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
How to Generate VEX Automatically for Your Project
-
Breaking Free from Vulnerability Scanning Noise - Automated VEX Aggregation for Accuracy
-
Generating VEX Documents with Kubescape
-
SBOMs, VEX, and Kubernetes - Software Supply Chain Security in Cloud Native Environments
-
First Steps to Full Lifecycle Security with Open Source Tools
-
How to Reduce CVE Noise with VEX - Vulnerability-Exploitability eXchange
