Scan, Patch, VEX - Using Open Source Tools to Manage Vulnerabilities in Containers

Explore effective vulnerability management strategies for cloud-native environments in this informative conference talk. Learn how to leverage open-source tools like Trivy and Copacetic, along with open standards such as VEX, to streamline and automate the process of managing vulnerabilities in containers. Discover practical techniques for improving the security posture of cloud-native workloads across development, testing, and production environments. Gain insights into reducing noise and efficiently tracking patches and exceptions at scale. Walk away with actionable knowledge to enhance your organization's security practices and effectively manage vulnerabilities in the cloud-native landscape.

Scan, Patch, VEX - Using Open Source Tools to Manage...Toddy Mladenov & Sertaç Özercan, Itay Shakury