Cloud Native SecurityCon North America 2022

Data without the ability to act on CVEs adds little value to platform hygiene and productivity. As we recognize what we need to secure our software supply chain we understand that vulnerability data is not enough. Vulnerability data with inventory data - the form of a software bill of materials, is also not enough. Without the ability to automate remediation, understanding blast radius of your CVEs, while maintaining up-time and a golden path to production data is not helpful. Security analysts and platform engineers need a complete view that is tailored for their concerns so they can make sure remediation is done at the right level.  In this talk we’ll discuss considerations for a user interface that presents the right data to the right teams, empowers them to address any bugs or CVEs quickly, and a software bill of materials so they can make sure all the affected components and dependencies are remediated.

Dates

Author

Conferences

Tags

Keynote: Vulnerability Data is Not Enough: The Case for an Actionable UI

tldr - powered by Generative AI