Understanding Exploitability with VEX, EPSS, and Other Standard Frameworks
11-04, 10:50–11:20 (US/Central), ROOM 2

As the complexity of software systems continues to grow, ensuring their security becomes paramount. This requires a thorough understanding of the reachability and exploitability of the vulnerabilities found within software applications.

This talk provides a high-level overview of four essential concepts in the field of software security: Vulnerability Exposure Factor (VEX), Exploit Probability and Severity Score (EPSS), Common Vulnerability Scoring System (CVSS), and Software Bill of Materials (SBOMs). Understanding exploitability can be streamlined by generating and managing SBOMs for compliance purposes.

Kyle is the creator of DockerSlim/SlimToolkit, a popular open source tool to inspect, minify and debug containers. Kyle is also the CTO and founder of Slim.AI, where he is building a supply chain security solution for cloud native applications. Kyle has been building applications and platforms using many different cloud native technologies since the early days of cloud computing. He has been involved in security for more than two decades, wearing many different hats as a builder, breaker and defender.