
CNCF [Cloud Native Computing Foundation]

Understanding Exploitability with VEX, EPSS, and Other Standard Frameworks

CNCF [Cloud Native Computing Foundation] via YouTube

Overview

Explore the complexities of software security in this 32-minute conference talk from the Cloud Native Computing Foundation (CNCF). Gain a high-level overview of four essential concepts in software security: Vulnerability Exploitability eXchange (VEX), Exploit Prediction Scoring System (EPSS), Common Vulnerability Scoring System (CVSS), and Software Bill of Materials (SBOMs). Learn how to assess the reachability and exploitability of vulnerabilities within software applications as systems grow increasingly complex. Discover strategies for generating and managing SBOMs for compliance purposes, and explore methods for automating policy and GitOps practices to enhance security posture. Delve into the importance of understanding these frameworks to ensure robust security measures in modern software development and deployment.

Syllabus

Understanding Exploitability with VEX, EPSS, and Other Standard Frameworks - Ayse Kaya, Root

Taught by

CNCF [Cloud Native Computing Foundation]
