Name: Scan, Patch, VEX - Using Open Source Tools to Manage Vulnerabilities in Containers - Toddy Mladenov & Sertaç Özercan, Microsoft; Itay Shakury, Aqua Security
Start: 2024-06-27T11:00:00-0700
End: 2024-06-27T11:35:00-0700

June 26-27, 2024 | Seattle, WA
View More Details | Registration Information

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for CloudNativeSecurityCon North America 2024 to participate in these sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in Pacific Daylight Time (PDT), UTC -7. To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date."

The schedule is subject to change.

Thursday June 27, 2024 11:00am - 11:35am PDT

433

Do you feel overwhelmed managing vulnerabilities at cloud-native scale? Keeping track of patches and exceptions can be daunting. There must be a better way to automate the process and reduce the noise. In this talk you will learn how you can manage vulnerabilities with open source tools like Trivy and Copacetic as well as open standards like VEX. The speakers will explain the roles of the tools and the standards in your vulnerability management process and demonstrate their use in various scenarios. You will see how you can improve the vulnerability posture of your cloud native workloads in development, test and production settings. Attendees will leave the session with practical knowledge that will help them improve the security of their organizations.

Speakers

Sertaç Özercan

Principal Software Engineering Manager, Microsoft

Sertaç Özercan is a Principal Software Engineering Manager for the open-source cloud-native containers security team in Microsoft Azure. Previously, he worked in the Azure Kubernetes Service (AKS) and Azure Red Hat OpenShift (ARO) teams.

Itay Shakury

VP Open Source, Aqua Security

Itay Shakury is the VP of Open Source at Aqua Security, where he leads engineering for open source, cloud native security solutions. Itay has some 20 years of professional experience in various software development, architecture and product management roles. Itay is also a CNCF Cloud... Read More →

Toddy Mladenov

Principal Product Manager, Microsoft

Toddy has over 25 years of experience in software engineering and design, consulting, and product management for companies like Microsoft, T-Mobile, and SAP. He started his cloud journey 14 years ago as part of the Azure team. Since then, Toddy worked on large-scale cloud implementations... Read More →

CNSC24 pdf

Thursday June 27, 2024 11:00am - 11:35am PDT
433

Observability + Detections + Response

Content Experience Level Any

Feedback form is now closed.

CloudNativeSecurityCon North America 2024

Sertaç Özercan

Itay Shakury

Toddy Mladenov

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!