How to Generate VEX Automatically for Your Project
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Discover how to revolutionize vulnerability management in this 33-minute conference talk from the Cloud Native Computing Foundation (CNCF). Learn about VEX (Vulnerability Exploitability eXchange) and its role in solving vulnerability management challenges. Explore the benefits of producing VEX for container image deliverables in open-source projects, including reduced false positives in security scans and improved focus on real security issues. Gain insights into automating VEX generation for Kubernetes workloads using Kubescape, a CNCF project designed to identify misconfigurations and vulnerabilities. Examine a new GitHub Action that streamlines VEX file generation in release processes, enhancing vulnerability management for both project maintainers and users.
Syllabus
How to Generate VEX Automatically for Your Project - Shlomo Heigh, CyberArk & Ben Hirschberg, ARMO
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Managing Kubernetes Security Using Kubescape and Lens - Mirantis Labs Tech TalksMirantis via YouTube Secure Your Kubernetes Clusters With Kubescape by Armosec
Kunal Kushwaha via YouTube Hands-on Introduction to Kubescape - Kubernetes Security Scanning Tool
Rawkode Academy via YouTube Introduction to GitHub Actions CI/CD
Kunal Kushwaha via YouTube Find Kubernetes Security Issues While Coding With Kubescape
Kunal Kushwaha via YouTube