The Failure of Vulnerability Identifiers and How We Fix Them

Presented by

Josh Bressers, VP of Security, Anchore and Josh Buker, Research Analyst, Cloud Security Alliance

About this talk

Dan Geer is famous for saying that the birth of the modern information security industry can be traced to the introduction of a TCP/IP stack in Windows 95. The quantity of connected computing systems has grown significantly since that day and the number of reported vulnerabilities has not kept pace. Vulnerability identifying ecosystems must be open, standardized, agile and on-demand to serve the emerging needs of cloud computing and other next generation technologies. In this session, CSA researchers will discuss the latest developments from our new Global Security Database (GSD) working group. We will explain how existing vulnerability identifiers have failed to keep pace with innovation and discuss some of the high level goals of the GSD working group.
Related topics:

More from this channel

Upcoming talks (2)
On-demand talks (176)
Subscribers (15825)
Go in depth into CSA's latest research on everything from IoT to containers to blockchain. Webcasts will break down the research, provide use cases, instructions for implementation, and further insights.