VEXinating Container Images: The European Approach to Software Supply Chain Security
Offered By: CNCF [Cloud Native Computing Foundation] via YouTube
Course Description
Overview
Explore the European approach to securing container images in this 39-minute conference talk from the Cloud Native Computing Foundation (CNCF). Delve into the importance of Software Bill of Materials and vulnerability management in light of upcoming European legislation like the Cyber Resilience Act. Discover how the Common Security Advisory Framework (CSAF) is leading a standards-backed Vulnerability Exploitability eXchange (VEX) implementation to address modern demands for software supply chain security. Learn about machine-readable and human-comprehensible security advisories that enable automated assessment and remediation, crucial for managing the growing footprint of upstream dependencies in software products.
Syllabus
VEXinating Your Container Images: The European Way - Dina Truxius & Jose Antonio Carmona Fombella
Taught by
CNCF [Cloud Native Computing Foundation]
Related Courses
The A's, B's, and Four C's of Testing Cloud-Native ApplicationsLASCON via YouTube A Different Kind of S3 - First Line Security of the Supply Chain
Linux Foundation via YouTube Accountability Taxonomy for AI Software Bill of Materials
Linux Foundation via YouTube Activities in Japan and 10 Streams of OSS Security Mobilization Plan
OpenSSF via YouTube Addressing Security Issues Before Production with Docker Scout
Docker via YouTube