#vex — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #vex, aggregated by home.social.
-
Precision Container Security with Docker and Black Duck
#Docker #Partnerships #Products #DockerHardenedImages #Scanner #Softwaresupplychainsecurity #VEXhttps://www.docker.com/blog/precision-container-security-with-docker-and-black-duck/
-
Reclaim Developer Hours through Smarter Vulnerability Prioritization with Docker and Mend.io
#Docker #Partnerships #Products #DockerHardenedImages #Softwaresupplychainsecurity #VEX -
Is your security team drowning in "critical" alerts that aren't actually exploitable?
🌊🧘♂️ Most teams treat dependency risk as a periodic task, but our webinar on April 8 shows you how to make it continuous.
We'll explore how #DependencyTrack uses #EPSS and #VEX to filter out the noise and prioritize the 10% of vulnerabilities that actually pose a threat to your production environment.
🔗 https://www.amazee.io/blog/post/live-uncover-hidden-vulnerabilities-with-dependency-track
-
45 years ago today
Bad Religion at the VEX, March 5, 1981, Los Angeles, CA, supported by The Chiefs and China White.Photos by Gary Leonard.
#punk #punks #punkrock #badrelegion #vex #history #punkrockhistory #otd
-
Reduce Vulnerability Noise with VEX: Wiz + Docker Hardened Images
#Docker #Partnerships #Products #CVEfalsepositives #DockerHardenedImages #FedRAMPVEXcoverage #OSVadvisories #SBOMvisibility #VEX #Vulnerabilityreachability #Wizintegrationhttps://www.docker.com/blog/reduce-vulnerability-noise-with-vex-wiz-docker-hardened-images/
-
@bagder Great that you are considering #CSAF. We think that CSAF is a gamechanger: CSAF works for open source as well as closed source, hardware, specifications etc. - basically anything you can think of writing a security advisory or #VEX for.
Supply Chain Security: No one can secure single handed - everyone is needed. A single format: You can profit from the upstream CSAFs, your downstream users profit from your CSAFs.(1/2)
-
What an amazing week! hashtag#devoxx Belgium 2025 did not disappoint!
So much great content and friendly faces I've finally met IRL!
And wow, they already posted to Youtube all recordings!You can check out my talk about #paketo #buildpacks https://youtu.be/RX9zwgHuNmA
As well as my new one about #security #sca #vex https://youtu.be/EDNmUpE32aM
-
Mein Borderlands 4 Vex Leveling Zusammengeschreibsel. https://docs.cbrueggenolte.de/s/qrrcNbRgx#
Wenn ihr Vorschläge habt, nur her damit.
-
ICYMI, here's a paper that was trying to answer this research question in the context of #OpenSource #Java projects on GitHub: "What do open-source maintainers think about integrating #VEX into their existing SBOMs?"
TL;DR: "In most cases, our augmented SBOMs were not directly accepted because developers required a continuous SBOM update."
-
One Open-source Project Daily
A vulnerability scanner for container
https://github.com/anchore/grype
#1ospd #opensource #docker #golang #security #tool #containers #oci #vulnerability #vex #vulnerabilities #containerimage #cyclonedx #openvex -
GitHub - jurassicLizard/vex2pdf: Convert CycloneDX JSON docs to PDF reports. Was designed to work for VEX reports but can also generate PDFs for standard BoMs.
https://github.com/jurassicLizard/vex2pdf
#Security #sbom #vex -
We're getting riled up for Raleigh 😜 Are you? 🔗https://go.first.org/jDHDu #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Want an action-packed docket of dynamic speakers and cross-industry topics? Look no further💪 Register for VulnCon25 today! 🔗 https://www.first.org/conference/vulncon2025/ #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Feeling vulnerable? Don't worry, we've got you 🤝 Register for the CVE/FIRST VulnCon 2025 & Annual CNA Summit today!🔗https://go.first.org/SBf3W #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
🥁The moment we've all been waiting for is here! #VulnCon25 agenda is out now 🔗https://go.first.org/r91zE #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX
-
Feeling vulnerable? Don't worry, we've got you 🤝 Register for the CVE/FIRST #VulnCon25 & Annual CNA Summit today!🔗https://go.first.org/SBf3W #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
44 years ago today
Bad Religion at the VEX, March 5, 1981, Los Angeles, CA, supported by The Chiefs and China White.Photos by Gary Leonard.
#punk #punks #punkrock #badrelegion #vex #history #punkrockhistory #otd
-
Let's be vulnerable together💕 Register for VulnCon25 today🔗 https://www.first.org/conference/vulncon2025/ #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Not able to attend VulnCon25 in person? 😥 Attend from home and register for our virtual option today 😁🔗 https://go.first.org/jDHDu #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX
-
Not able to attend VulnCon25 in person? 😥 Attend from home and register for our virtual option today 😁🔗 https://go.first.org/jDHDu #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX
-
Let's be vulnerable together💕 Register for #VulnCon25 today🔗 https://www.first.org/conference/vulncon2025/ #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Let's be vulnerable together💕 Register for #VulnCon25 today🔗 https://www.first.org/conference/vulncon2025/ #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Let's be vulnerable together💕 Register for #VulnCon25 today🔗 https://www.first.org/conference/vulncon2025/ #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Want an action-packed docket of dynamic speakers and cross-industry topics? Look no further,💪 Register for VulnCon25 today! 🔗https://go.first.org/jDHDu #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Do you want to be a part of the 40+ action-packed sessions at VulnCon25? If you said yes, now is your chance to submit your paper today! CFP has been extended until Jan 31st. 😎 #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh 🔗 https://go.first.org/MPudV
-
Want an action-packed docket of dynamic speakers and cross-industry topics? Look no further,💪 Register for VulnCon25 today! 🔗https://www.first.org/conference/vulncon2025/ #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
It's your lucky day! 🎉 The CFP for #VulnCon25 has been extended to January 31st! #submittoday #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh 🔗 https://go.first.org/MPudV
-
Submit your #CFP for #VulnCon2025 today to be a part of the 40+ action-packed sessions😎🔗 https://go.first.org/MPudV #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Submit your #CFP for #VulnCon2025 today to be a part of the 40+ action-packed sessions😎🔗 https://go.first.org/MPudV #vulnerabilitymanagement #CVE #CVSS #EPSS #CISA #MITRE #VEX #Raleigh
-
Same text, new layout. v2.1 is getting there with the design. Going to be amazing to see how far we could take this design, it’s also easier to keep updated.
#WebDevelopment #Homepage #Website #WebsiteUpdate #WebDev #VEX #VideoEditing #Services #OnlineBusiness #Southampton #CSS #HTML
-
Same text, new layout. v2.1 is getting there with the design. Going to be amazing to see how far we could take this design, it’s also easier to keep updated.
#WebDevelopment #Homepage #Website #WebsiteUpdate #WebDev #VEX #VideoEditing #Services #OnlineBusiness #Southampton #CSS #HTML
-
Same text, new layout. v2.1 is getting there with the design. Going to be amazing to see how far we could take this design, it’s also easier to keep updated.
#WebDevelopment #Homepage #Website #WebsiteUpdate #WebDev #VEX #VideoEditing #Services #OnlineBusiness #Southampton #CSS #HTML
-
Same text, new layout. v2.1 is getting there with the design. Going to be amazing to see how far we could take this design, it’s also easier to keep updated.
#WebDevelopment #Homepage #Website #WebsiteUpdate #WebDev #VEX #VideoEditing #Services #OnlineBusiness #Southampton #CSS #HTML
-
SBOM alone may not encode enough detail to separate non-exploitable vulnerabilities from exploitable ones writes Surendra Pathak in our latest guest blog on #VDR, #VEX, #OpenVEX and #CSAF https://openssf.org/blog/2023/09/07/vdr-vex-openvex-and-csaf/
-
At the heart of the CVE process and the matching done with the NVD database is the name of the manufacturer and the artefact - the software, system, library or mobile application. It's vital for this to work that the name in the #SBOM is correct to make the match work. The community has developed #PURL - package URL - to improve but so far the CVE/NVD eco system has not adopted PURL.
This needs to be fixed to make sure that the name in the SBOM matches the right set of vulnerabilities.
#SBOM #securesupplychain #CycloneDX #OpenVEX #VEX #OpenSource
-
Playing with #ActivityPub as a way to do notifications for new #VEX, and hoping to piggyback decentralized CD over that as comms channel. Very rough draft here RFCv5: https://github.com/ietf-scitt/use-cases/blob/3f10017af4cebb7d07e541c299ef277d43fb9c0d/openssf_metrics.md#use-case-attestations-of-alignment-to-s2c2f-and-org-overlays
#OpenVEX #Fediverse #supplychain #security
Comments appreciated!
https://github.com/intel/dffml/discussions/1406?sort=new#discussioncomment-4863663
-
Die US-Behörde CISA hat am 10. November 2022 einen 3 Punkteplan für effizientes Schwachstellenmanagement veröffentlicht: https://cisa.gov/blog/2022/11/10/transforming-vulnerability-management-landscape
Zentrale Punkte sind der #CSAF-Standard und das #VEX-Profil: Maschinenlesbare #Advisory reduzieren den manuellen Aufwand und mitigieren effektiver Schwachstellen.
Die #CISA zeigt hiermit offiziell ihre Unterstützung dieses Standards. Das #BSI erwartet eine Signalwirkung für alle PSIRTs – speziell auch #IndustrialSecurity.
