Understanding Exploitability with VEX, EPSS, and Other Standard Frameworks
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the complexities of software security in this 32-minute conference talk from the Cloud Native Computing Foundation (CNCF). Gain a high-level overview of four essential concepts in software security: Vulnerability Exposure Factor (VEX), Exploit Probability and Severity Score (EPSS), Common Vulnerability Scoring System (CVSS), and Software Bill of Materials (SBOMs). Learn how to assess the reachability and exploitability of vulnerabilities within software applications as systems grow increasingly complex. Discover strategies for generating and managing SBOMs for compliance purposes, and explore methods for automating policy and GitOps practices to enhance security posture. Delve into the importance of understanding these frameworks to ensure robust security measures in modern software development and deployment.
Syllabus
Understanding Exploitability with VEX, EPSS, and Other Standard Frameworks - Ayse Kaya, Root
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
Evaluación de peligros y riesgos por fenómenos naturalesUniversidad Nacional Autónoma de México via Coursera Internet Security
openHPI Planning a Security Incident Response
Microsoft via edX Cyber Security
CEC via Swayam Ethical Hacking
Indian Institute of Technology, Kharagpur via Swayam