2025-09-14 –, C120 - Art. 15 GDPR
Language: Deutsch
Within software development you will experience vulnerabilities, misconfigurations and sadly lazy developers and operations people taking shortcuts.
I will talk over the experience of implementing automated vulnerability scaning and the abilities there and have the results handled in the vulnerability managment tool DefectDojo.
Automated vulnerability scanning is a useful practice to find a lot of especially low hanging fruits within developed software.
Especially vulnerable libaries and misconfigurations can be found relatively easy. Repositories, Docker containers and virtual machines can be scanned for problems before an attacker does.
Vulnerability management tooling will help you rate, coordinate and close vulnerabilities through visibility for the developers and managers.
I will go over the possibilities and share some experience of implementing it.
German who studied at the TU Darmstadt living in Rotterdam now here
Mailbox area white old man, active in the security scene since pre-2000.
Works in software development within critical infrastructure
Started quite a lot of things. A lot of things around the chaos darmstadt but also that milliways.