Your Software IS - NOT Vulnerable - CSAF, VEX, and the Future of Advisories
Offered By: Black Hat via YouTube
Course Description
Overview
Explore the future of software security advisories in this 24-minute Black Hat conference talk. Delve into the challenges organizations face as security advisories become more prevalent, particularly with the rise of Software Bill of Materials (SBOMs). Learn about the increasing occurrence of "false positives" in vulnerability reports and the importance of distinguishing between exploitable and non-exploitable vulnerabilities. Discover how the Common Security Advisory Framework (CSAF) and Vulnerability Exploitability eXchange (VEX) are shaping the landscape of security information processing and prioritization. Gain insights from experts Allan Friedman and Thomas Schmidt on how to navigate the evolving risk landscape and effectively manage the growing influx of security information in software development and usage.
Syllabus
Your Software IS/NOT Vulnerable: CSAF, VEX, and the Future of Advisories
Taught by
Black Hat
Related Courses
Security Principles(ISC)² via Coursera Emergency and Disaster Training and Exercising: An Introduction
Coventry University via FutureLearn A General Approach to Risk Management
University System of Georgia via Coursera A Strategic Approach to Cybersecurity
University of Maryland, College Park via Coursera Academia de auditoría en la nube: independencia en la nube (Español LATAM) | Cloud Audit Academy - Cloud Agnostic (Spanish from Latin America)
Amazon Web Services via AWS Skill Builder