Explore the European approach to securing container images in this 39-minute conference talk from the Cloud Native Computing Foundation (CNCF). Delve into the importance of Software Bill of Materials and vulnerability management in light of upcoming European legislation like the Cyber Resilience Act. Discover how the Common Security Advisory Framework (CSAF) is leading a standards-backed Vulnerability Exploitability eXchange (VEX) implementation to address modern demands for software supply chain security. Learn about machine-readable and human-comprehensible security advisories that enable automated assessment and remediation, crucial for managing the growing footprint of upstream dependencies in software products.
VEXinating Container Images: The European Approach to Software Supply Chain Security
CNCF [Cloud Native Computing Foundation] via YouTube
Overview
Syllabus
VEXinating Your Container Images: The European Way - Dina Truxius & Jose Antonio Carmona Fombella
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
-
SBOMs, VEX, and Kubernetes - Software Supply Chain Security in Cloud Native Environments
-
Enabling VEX and Full SBOM Coverage with Wolfi Based Containers
-
Secure Your Supply Chain: Adding a Software Bill of Materials to Containers for Improved Vulnerability Scanning
-
Demystify Secure Software Supply Chain Metadata
-
Infusing Security Into the Application Development Process
