YoVDO

Your Software IS - NOT Vulnerable - CSAF, VEX, and the Future of Advisories

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Risk Management Courses Software Security Courses Vulnerability Management Courses VEX Courses

Course Description

Overview

Explore the future of software security advisories in this 24-minute Black Hat conference talk. Delve into the challenges organizations face as security advisories become more prevalent, particularly with the rise of Software Bill of Materials (SBOMs). Learn about the increasing occurrence of "false positives" in vulnerability reports and the importance of distinguishing between exploitable and non-exploitable vulnerabilities. Discover how the Common Security Advisory Framework (CSAF) and Vulnerability Exploitability eXchange (VEX) are shaping the landscape of security information processing and prioritization. Gain insights from experts Allan Friedman and Thomas Schmidt on how to navigate the evolving risk landscape and effectively manage the growing influx of security information in software development and usage.

Syllabus

Your Software IS/NOT Vulnerable: CSAF, VEX, and the Future of Advisories


Taught by

Black Hat

Related Courses

Pattern-Oriented Software Architectures: Programming Mobile Services for Android Handheld Systems
Vanderbilt University via Coursera Engineering Maintainable Android Apps
Vanderbilt University via Coursera Software Design as an Element of the Software Development Lifecycle
University of Colorado System via Coursera Secure Software Development
Pluralsight Secure Software Concepts for CSSLPĀ®
Pluralsight