YoVDO

From SBOMs to F-Bombs: Vulnerability Analysis, SCA Tools, and False Positives and Negatives

Offered By: OWASP Foundation via YouTube

Tags

Vulnerability Management Courses Application Security Courses Supply Chain Security Courses Software Composition Analysis Courses Log4Shell Courses Software Bill of Materials Courses

Course Description

Overview

Save Big on Coursera Plus. 7,000+ courses at $160 off. Limited Time Only!
Explore the complexities of vulnerability management in third-party software through this 46-minute OWASP Foundation conference talk. Delve into the world of Software Composition Analysis (SCA) tools and Software Bill of Materials (SBOMs), examining their effectiveness in addressing security concerns like Log4Shell and supply chain attacks. Gain insights from the perspective of a FOSS security library provider on the challenges and potential improvements in the vulnerability management process. Learn how AppSec engineers and developers can streamline and enhance their approach to identifying and mitigating security risks in third-party dependencies. Benefit from the speaker's extensive experience in application security, applied cryptography, and web AppSec as you navigate the intricate landscape of false positives and negatives in vulnerability analysis.

Syllabus

From SBOMs to F-Bombs: Vulnerability Analysis, SCA Tools, and False Positives & Negatives


Taught by

OWASP Foundation

Related Courses

MongoDB for .NET Developers
MongoDB University Web Application Development – Capstone Course
University of New Mexico via Coursera Ciberseguridad: ataques y contramedidas
Universidad Rey Juan Carlos via Independent Reliable Cloud Infrastructure: Design and Process auf Deutsch
Google Cloud via Coursera Securing and Integrating Components of your Application 日本語版
Google Cloud via Coursera