Loading…
or to bookmark your favorites and sync them to your phone or calendar.
strong>CI/CD (CloudX) [clear filter]
arrow_back View All Dates
Thursday, November 7
 

10:30am PST

OPEN SESSION (CloudX): 5 Steps to VEX Success: Managing the End-to-End Workflow
Thursday November 7, 2024 10:30am - 10:55am PST
CloudX -- Main Stage
Cortez Frazier Jr., FOSSA, Principal Product Manager

If you work in vulnerability management or DevSecOps programs, you’re probably familiar with the painful condition known as CVE overload. Each year, tens of thousands of new vulnerabilities are reported, which causes stress and late nights for the teams tasked with remediating them.

And that’s not to mention the herculean tax of distinguishing between potential vulnerabilities and confirmed vulnerabilities. The reality that most vulnerabilities are only potentially exploitable (as determined by the deployed context of each package) also means remediation often results in a lot of wasted time and effort.

A proposed solution is VEX (Vulnerability Exploitability eXchange): a set of formats that communicates vulnerability impact status, whether a vulnerability is exploitable in its deployed context, and mitigation steps. In theory, VEX (when used alongside other prioritization inputs) makes it possible to remediate more efficiently. But as with most security frameworks, efficacy depends on proper implementation.

This talk will cover five steps to leveraging VEX throughout the vulnerability remediation lifecycle, from the time a vulnerability is disclosed to the time you publish and distribute a VEX statement. We’ll cover the tools and workflows teams need to know to effectively use VEX in their organizations.
Speakers
avatar for Cortez Frazier Jr.

Cortez Frazier Jr.

Principal Product Manager, FOSSA
Cortez Frazier Jr. is the product lead for FOSSA’s SaaS and on-premises enterprise applications. FOSSA is a developer tool (in the software composition analysis category) for managing open source license compliance and security vulnerabilities.Before joining FOSSA, Cortez served... Read More →
Thursday November 7, 2024 10:30am - 10:55am PST
CloudX -- Main Stage
  CloudX: DevOps Summit, DevSecOps

2:00pm PST

PRO SESSION (CloudX): Building Robust Networks: The Power of CI/CD in Network Validation
Thursday November 7, 2024 2:00pm - 2:25pm PST
CloudX -- Stage 1
Naveen Achyuta, Roblox, Network Reliability Engineer

While CI/CD practices are well-established in software development, the networking field is still adapting to these methodologies. This presentation demonstrates a method for validating network configurations in a lab environment, both pre- and post-deployment, to build confidence before implementing changes in production networks. Using open-source tools, custom scripts, and containerlab, we'll walk through each step of implementing a CI/CD pipeline. This approach not only enhances confidence in network deployments but also bridges the gap between traditional networking practices and modern DevOps methodologies. 
Speakers
avatar for Naveen Achyuta

Naveen Achyuta

Network Reliability Engineer, Roblox
Naveen works as a Network Reliability Engineer at Roblox and lives in the Bay Area. After graduating with his master's degree, he initially worked as a network engineer at Comcast. He then transitioned to network software engineering to build network automation systems that streamline... Read More →
Thursday November 7, 2024 2:00pm - 2:25pm PST
CloudX -- Stage 1
  CloudX: DevOps Summit, CI/CD
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Monday, November 4
Tuesday, November 5
Wednesday, November 6
Thursday, November 7
Tuesday, November 12
Wednesday, November 13
Thursday, November 14
API World -- Expo Discovery Stage
API World -- Main Stage
API World -- OPEN Workshop Stage
API World -- Workshop Stage A
API World -- Workshop Stage B
API World -- Workshop Stage C
CloudX -- Expo Innovation Stage
CloudX -- Main Stage
CloudX -- Stage 1
Dev Innovation Summit -- Main Stage
Expo Hall
Leadership Lounge
RingCentral Events
Santa Clara Convention Center
Santa Clara Convention Center - Lobby
Santa Clara Hyatt Regency Lobby
VIRTUAL API World -- Expo Discovery Stage
VIRTUAL API World -- Main Stage
VIRTUAL API World -- OPEN Workshop Stage
VIRTUAL API World -- Workshop Stage A
VIRTUAL API World -- Workshop Stage B
VIRTUAL API World -- Workshop Stage C
VIRTUAL CloudX -- Expo Innovation Stage
VIRTUAL CloudX -- Main Stage
VIRTUAL CloudX -- Stage 1
VIRTUAL Dev Innovation Summit -- Main Stage
Virtual Expo Hall
  • 1. Badge Pick-up & Registration
  • 2. Experiences & Official Events
  • 3. Expo Hours
  • 4. Hackathon
  • 5. KEYNOTES & FEATURED
  • API World: API Innovation
  • API World: API Strategy
  • API World: Lifecycle
  • API World: Microservices World
  • CloudX: Cloud Architecture & Infrastructure
  • CloudX: Cloud-Native Development
  • CloudX: Cloud Strategy Conference
  • CloudX: DevOps Summit
  • Dev Innovation Summit
  • OPEN SESSIONS
  • Talk Type
  • OPEN Session
  • PRO Session
  • PRO Workshop
  • Track or Conference
  • AI & ML (CloudX)
  • API Case Studies & Success Stories (API World)
  • API Design / Architecture (API World)
  • API Leadership Summit (API World)
  • API Ops & Scalability & Usability (DX) & Testing (API World)
  • API Program Management (API World)
  • API Security / Compliance (API World)
  • API World
  • API World: API Innovation
  • API World: API Lifecycle
  • API World: API Strategy
  • API World: Microservices World
  • API-First Development (API World)
  • APIs (Dev Innovation)
  • Automated Testing & Monitoring & Reporting (CloudX)
  • CI/CD (CloudX)
  • CI/CD / Deployment (API World)
  • Cloud Development Technologies (CloudX)
  • Cloud Development Technologies (Dev Innovation)
  • Cloud Infrastructure (CloudX)
  • Cloud Innovation (AI & Edge & etc) (CloudX)
  • Cloud Security (CloudX)
  • Cloud Talent & Skills (CloudX)
  • CloudX
  • CloudX: Cloud Architecture & Infrastructure
  • CloudX: Cloud Strategy Conference
  • CloudX: Cloud-Native Development
  • CloudX: DevOps Summit
  • Containers & Kubernetes (CloudX)
  • Deployment Strategies (CloudX)
  • Dev Innovation (CloudX)
  • Dev Innovation Summit
  • Developer Tools (Dev Innovation)
  • DevSecOps (CloudX)
  • Digital Acceleration (CloudX)
  • Edge Computing (CloudX)
  • Emerging APIs: AI & IoT & Blockchain & Web3 & XR (API World)
  • Expo Challenge
  • Future of Cloud-Native Computing (CloudX)
  • Hybrid & Multi-Cloud (CloudX)
  • Hybrid APIs & Low Code APIs (API World)
  • Industries: Open Banking & Healthcare & Retail (API World)
  • Infrastructure-as-Code (CloudX)
  • Integration Management (API World)
  • Leadership Lounge
  • Microservices Design & Architecture (API World)
  • Microservices Design (CloudX)
  • Microservices Management (CloudX)
  • Observability (CloudX)
  • OPEN Session
  • Platform Engineering (API World)
  • Programming Languages (Dev Innovation)
  • Roundtables
  • Service Mesh & Containers & Kubernetes (API World)
  • Sponsor Spotlight
  • Virtual
  • In-Person/Virtual
  • In Person
  • Virtual
  • Virtual Exclusive