March 1, 2020

157 words 1 min read

OSS Vulnerability Trends 2017-2019

OSS Vulnerability Trends 2017-2019

Nowadays security incident is increasing more and more. Then lots of vendor/community/institute are making efforts to find vulnerability on software. Not only commercial software, but also OSS is havi …
Talk Title OSS Vulnerability Trends 2017-2019
Speakers Kazuki Omo (Executive Officer, SIOS Technology Inc.)
Conference Open Source Summit + Automotive Linux Summit Japan
Conf Tag
Location Tokyo, Japan
Date Jul 17-19, 2019
URL Talk Page
Slides Talk Slides
Video

Nowadays security incident is increasing more and more. Then lots of vendor/community/institute are making efforts to find vulnerability on software. Not only commercial software, but also OSS is having a vulnerability (remember HeartBleed, DirtyCow, and so on). Then lots of security researchers are reporting vulnerability and publish it with CVE-ids which is assigned by MITRE.In this LightningTalk, Kazuki Omo will report recently trends of OSS CVE from 2017 to 2019. Also, show some typical vulnerability PoC, then tell how you can protect those vulnerabilities by using OSS product/solution.

security incident vulnerability
comments powered by Disqus
BoF: Securing Open-source: Dependencies, Incident Response, Vulnerabilities, and Bug Bounties

BoF: Securing Open-source: Dependencies, Incident Response, Vulnerabilities, and Bug Bounties

January 26, 2020

Open-source projects have a more nebulous operating model, and that also means it's harder to figure out who's on the hook when something goes wrong.In security, if you're running an open-source proje …
Prioritizing trust while creating applications

Prioritizing trust while creating applications

February 26, 2020

Time and money are generally the resources we focus on when building applications. Yet we cant buy trust; it builds slowly and can be broken quickly when we dont factor it in to our development process. Jennifer Davis examines how to leverage security practices to enable an all-team approach to security.
Better routing security through concerted action

Better routing security through concerted action

February 25, 2020

There is nearly universal agreement that the Internet routing system is vulnerable to attack, but thoughts on how to address the problem vary from better technolog …
CommunityBridge: A Quick Tour of the Cloud Platform and Tooling LF Engineers are Building to Serve its Projects

CommunityBridge: A Quick Tour of the Cloud Platform and Tooling LF Engineers are Building to Serve its Projects

February 19, 2020

Managing the legal IP, funding, IT operations, governance, security, training, events and growth of the 200+ big open source projects is no insignificant task. To provide deep engagement value to our …
Open Source CVE Monitoring and Management: Cutting Through the Vulnerability Storm

Open Source CVE Monitoring and Management: Cutting Through the Vulnerability Storm

February 19, 2020

A key aspect to maintaining device security is monitoring and addressing known vulnerabilities in open source software in a timely fashion. This presentation will help you get started with the process …
In-and-out - Security of Copying to and from Live Containers

In-and-out - Security of Copying to and from Live Containers

February 1, 2020

Nowadays mature container platforms (such as Docker, Kubernetes and LXD) provide users a way to extract files from a running container. There are several different design approaches for implementing s …