CVE Context Matters - Prioritizing Vulnerabilities in Cloud-Native Projects

Explore the nuances of vulnerability scanning in cloud-native projects through this insightful 30-minute conference talk by Shubha Badve and Ross Tannenbaum from Red Hat. Delve into the challenges of understanding vulnerability context and relevance, especially given the varying quality of scanners. Learn which vulnerability feeds are most helpful, what tools to utilize, and critically assess whether all vulnerabilities truly matter. Gain valuable insights on prioritizing elements in vulnerability scanners and identifying where the real value lies. Discover best practices for implementing and evaluating the success of a vulnerability scanner. By the end of the presentation, acquire a comprehensive understanding of the vulnerability scanner ecosystem, learn how to accurately assess vulnerabilities, and effectively integrate a vulnerability scanner into daily workflows. This talk is essential for professionals seeking to enhance their cloud-native security practices and make informed decisions about vulnerability management.

CVE Context Matters, but Do All Vulnerabilities Really Matter? - Shubha Badve & Ross Tannenbaum