SnykCon 2020 has ended
Back To Schedule
Wednesday, October 21 • 17:55 - 18:25
SCA & Enterprise Vulnerability Management

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
While software composition analysis is typically found as part of the development cycle, it can also enable the traditional vulnerability management (VM) toolchain to gain insights into vulnerabilities on production assets. In this talk we'll explore how enterprise vulnerability management deals with open source vulnerabilities, how SCA can help, and how these vulnerabilities map to commonly used frameworks in the VM space, like MITRE ATT&CK. In addition to surveying application vulnerability management, we will also show process models for managing container vulnerabilities and issues that can be found inside infrastructure as code definitions.

avatar for John Bock

John Bock

R&D, Optiv
John Bock is a member of the Research & Development group at Optiv Inc. In R&D he is focused on the emergent security landscape and threats to new technologies that are still developing a resilient security posture. Prior to this role, John was the leader of Optiv’s Application... Read More →

Wednesday October 21, 2020 17:55 - 18:25 BST
Technology Track