Vulnerability today: What's the state of Open Source vulnerability management?

K.4.401 | Day 1 | 15:00 - 15:55 | Speakers: Olle E. Johansson

Copy link

Vulnerability today: What's the state of Open Source vulnerability management?

Copy link

A picture of one of the buildings at the ULB campus

Stream opens at 15:00 (Europe/Brussels)

Get involved in the conversation!Join the chat

Notes

Abstract

The vulnerability management world is in a bit of turmoil. With the DoS-type attack AI slop is putting on Open Source projects at the same time as the funding of core systems is unsure, we need to agree on requirements for the future, ways of working and how we can handle the shift forced by the Cyber Resilience Act. Let's spend an hour talking about this and discuss ways forward.

The Global Vulnerability Intelligence Platform is a project that aims at working on a long term solution, a cooperation between OWASP, OpenSSF, Eclipse/ORCWG, OpenForum Europe and with support from the Sovereign Tech Resilience project.

https://www.gvip-project.org

Speakers

Olle E. Johansson

Olle E. Johansson has over twenty years of experience in telecommunications, VoIP, and cybersecurity. Olle is active in open-source projects and standard forums, the founder of major appsec and network security initiatives, and a specialist for various categories of software bills of materials (SBOM).

Olle is active in OpenSSF, OWASP, Eclipse ORCWG, IETF and other forums. He is the leader of the Global Vulnerability Intelligence Platform project (GVIP-project) and tries hard to find a way towards a long term vulnerability management system that works for all stakeholders.

Links

Submit Feedback

External Links

Notice: The placeholder video image is licensed under CC BY-SA 4.0. The original image can be found hereChanges made to the image are: Cropped the image to a new ratio, part of the image was cut off.