Presentations | Hack Dojo

Sort by:

Improve Vulnerability Management with OCI Artifacts – It Is That Easy!

Conference: KubeCon + CloudNativeCon Europe 2023

Authors: Itay Shakury, Toddy Mladenov

2023-04-20

tldr - powered by Generative AI

The presentation discusses the challenges and solutions in managing vulnerabilities as software bills of materials (SBOMs) in the context of DevOps and cybersecurity.

The new OCI changes make it easier to manage images and vulnerabilities as SBOMs.
However, there are challenges in standardizing artifact types and annotations.
Getting the right artifact is difficult and requires manual and automated steps.
The specifications for SBOMs are not always accurate and require additional information to make vulnerability reports more accurate.

Tags:

Supply chain security

SBOMs

OCI

vulnerability management

Trivy

Show 0 Comments

Maslow's Hierarchy of Supply Chain Needs

Conference: SupplyChainSecurityCon 2022

Authors: Josh Bressers

2022-06-21

tldr - powered by Generative AI

The presentation discusses the importance of understanding the order of steps in supply chain management and the need to prioritize solutions based on the problem at hand.

Understanding the order of steps in supply chain management is crucial to effectively addressing problems
Prioritizing solutions based on the problem at hand is more effective than blindly implementing solutions
The speaker shares an anecdote about the challenges of vulnerability scanning and the importance of building a vulnerability management system
The speaker emphasizes the importance of having an S-bomb as the foundation of supply chain management

Tags:

software supply chain security

SBOM

SLSA

SSDF

vulnerability management

Show 0 Comments

Dates

Author

Conferences

Tags

Improve Vulnerability Management with OCI Artifacts – It Is That Easy!

tldr - powered by Generative AI

Maslow's Hierarchy of Supply Chain Needs

tldr - powered by Generative AI