Loading…
December 10, 2024
Learn More and Register to Attend

The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for SOSS Community Day India 2024 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in India Standard Time (UTC+5:30). To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.
← Back to schedule
From CVE Chaos to Control: Building a "0 CVE" Strategy - Rakshit Gondwal, BuildSafe & Harsh Thakur, Civo
Tuesday December 10, 2024 12:45pm - 1:05pm IST
Room 201 (Level 2)
Overwhelmed by the constant flood of CVEs? With vulnerabilities expected to rise by 25% this year, many security teams are experiencing "CVE fatigue"—the exhausting cycle of identifying, prioritizing, and remediating vulnerabilities. This talk will guide you toward a "Zero CVE" strategy, where vulnerabilities are minimized, and management is streamlined. We’ll explore actionable strategies to combat CVE fatigue, including reducing software dependencies, automating OS package updates, and simplifying vulnerability management with a single package manager. We’ll also discuss prioritizing remediation using runtime analysis and VEX (Vulnerability Exploitability eXchange) documents. By integrating security into the software development lifecycle, attendees will gain practical knowledge to build a strategy that not only minimizes CVEs but also strengthens the overall security posture.
Speakers
avatar for Rakshit Gondwal

Rakshit Gondwal

Developer, BuildSafe
Rakshit is currently a contributor at BuildSafe, which is an open source supply chain security project. He is also an Approver of the CNCF Incubating project, Keptn, and a Reviewer for the Hydrophone (Kubernetes sig) project. He has earlier worked as a CNCF'23 Fall Intern for the... Read More →
avatar for Harsh Thakur

Harsh Thakur

Infrastructure Engineer, Civo
Harsh's tech journey began in software development, leading to open-source contributions in the CNCF. His passion for complex systems propelled him into infrastructure engineering, gaining expertise in building control planes and designing APIs, and architecting cost-effective solutions... Read More →
Tuesday December 10, 2024 12:45pm - 1:05pm IST
Room 201 (Level 2)
  Breakout Sessions

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Share Modal

Share this link via

Or copy link