Loading…
THE MUST ATTEND EVENT FOR CYBERSECURITY PROFESSIONALS
Thursday September 26, 2024 10:30am - 11:15am PDT
If you work in vulnerability management, you’re probably familiar with the painful condition known as CVE overload. Each year, tens of thousands of new vulnerabilities are reported, and these potential risks overwhelm security teams tasked with confirming risks and remediating them. 


A proposed solution is VEX (Vulnerability Exploitability eXchange): a set of formats that communicates vulnerability impact status, whether a vulnerability is exploitable in its deployed context, and mitigation steps. In theory, VEX (when used alongside other prioritization inputs) makes it possible for downstream security teams to remediate more efficiently. But as with most security frameworks, efficacy depends on proper implementation.  


This talk will cover five steps to leveraging VEX throughout the vulnerability remediation lifecycle, from the time a vulnerability is disclosed to the time you publish and distribute a VEX statement. We’ll cover the tools and workflows security practitioners need to know to effectively use VEX in their organizations. 

Speakers
avatar for Cortez Frazier Jr

Cortez Frazier Jr

Principal Product Manager, FOSSA
Cortez Frazier Jr. is a Principal Product Manager at FOSSA. He leads development for the company’s SBOM (software bill of materials) and vulnerability management solutions. Before joining FOSSA, Cortez served as product lead for all of Puppet’s SaaS-based products, primarily within... Read More →
Thursday September 26, 2024 10:30am - 11:15am PDT
Room: Seacliff CD
Feedback form is now closed.

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Share Modal

Share this link via

Or copy link