This video is still being processed. Please check back later and refresh the page.

Uh oh! Something went wrong, please try again.

Painless Vulnerability Management

Charting a course to vulnerability bliss.

Cancel Apply

rate limit

Code not recognized.

About

If you've been working in software these last few years, chances are you've noticed increased concern around software vulnerabilities. In the wake of major software supply chain attacks, governments and organizations have been taking significant action to improve cybersecurity practices, with vulnerability management serving as a key pillar. But what exactly is vulnerability management, how does one practice it, and is it really something you need to worry about?  
 
In this course, you will learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it. You will also learn about the significant challenges involved and how to use Chainguard Images to drastically reduce the toil. In addition to this practical knowledge, you will gain an appreciation of the evolving, controversial, and high-stakes landscape of vulnerability management. It’s a fascinating world full of philosophical questions, geopolitical plot points, shadowy villains, spicy takes, and — if we have any say in it — a good deal of technical fun. 🤓 In other words, software supply chain security is a work in progress that needs your help and participation. So pack your containers, get ready for memes, and let's forge the path to a secure-by-default digital future.
Who is this course for?
This course is designed for developers and software professionals who want to learn about emerging regulations around vulnerability management and state-of-the-art tools and practices in this space. Participants will also learn how to use Chainguard Images to painlessly reduce vulnerabilities in their workloads.  
Certificate of Completion
Participants who pass the quizzes at the end of each module and finish the short final project will earn a Certificate of Completion
Prerequisites

No technical skills are needed for the conceptual articles, which comprise about 75% of the course. For the technical tutorials, you should have experience with running containers and will need Docker, crane, and jq installed on your machine. 
Time to complete
Three to five hours. 
Course Details

  • Developers; Software Professionals

  • 3-5h

  • 18 Lessons

DUMMY TEXT DO NOT EDIT PLZ

Curriculum

  • Charting a Course to Vulnerability Bliss
  • Module 1: Software Vulnerability Overview
  • Lost in the Woods of Software Vulnerabilities
  • Who's Afraid of Software Vulnerabilities?
  • CVE Supervillains
  • Laying Down the Law: Federal Regulations & CVEs
  • Wrap Up
  • Test Your Knowledge!
  • Module 2: How to Manage CVEs
  • The Painful Toil of CVE Purgatory
  • Sassy SBOMs Steal the Spotlight!
  • SBOM Elements, Quality, and Tools
  • Scanning the Great Universe of CVEs
  • Ok, But Can We Get Rid of Them Now?
  • Getting Started with OpenVEX and vexctl 🛠️
  • Wrap Up
  • Test Your Knowledge!
  • Module 3: More Secure Base Images
  • I Can Has CVE Bliss?
  • All About That Base Image
  • Meet Wolfi, a Small Solution For a Big Problem!
  • Wrap Up
  • Test Your Knowledge!
  • Module 4: Chainguard Images To the Rescue!
  • An Introduction to Chainguard Images
  • How to Use Chainguard Images 🛠️
  • How to Use the Tag History API 🛠️
  • How to Compare Images with the Diff API 🛠️
  • Debugging Distroless Images 🛠️
  • Wrap up
  • Test Your Knowledge!
  • Final Project
  • Final Project Instructions
  • Final Project Option 1 (Technical)
  • Final Project Option 1 (Written)
  • Submit your project
  • Course Completion
  • We Want Your Feedback!
  • Please take our short survey
  • Contact us

About

If you've been working in software these last few years, chances are you've noticed increased concern around software vulnerabilities. In the wake of major software supply chain attacks, governments and organizations have been taking significant action to improve cybersecurity practices, with vulnerability management serving as a key pillar. But what exactly is vulnerability management, how does one practice it, and is it really something you need to worry about?  
 
In this course, you will learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it. You will also learn about the significant challenges involved and how to use Chainguard Images to drastically reduce the toil. In addition to this practical knowledge, you will gain an appreciation of the evolving, controversial, and high-stakes landscape of vulnerability management. It’s a fascinating world full of philosophical questions, geopolitical plot points, shadowy villains, spicy takes, and — if we have any say in it — a good deal of technical fun. 🤓 In other words, software supply chain security is a work in progress that needs your help and participation. So pack your containers, get ready for memes, and let's forge the path to a secure-by-default digital future.
Who is this course for?
This course is designed for developers and software professionals who want to learn about emerging regulations around vulnerability management and state-of-the-art tools and practices in this space. Participants will also learn how to use Chainguard Images to painlessly reduce vulnerabilities in their workloads.  
Certificate of Completion
Participants who pass the quizzes at the end of each module and finish the short final project will earn a Certificate of Completion
Prerequisites

No technical skills are needed for the conceptual articles, which comprise about 75% of the course. For the technical tutorials, you should have experience with running containers and will need Docker, crane, and jq installed on your machine. 
Time to complete
Three to five hours. 
Course Details

  • Developers; Software Professionals

  • 3-5h

  • 18 Lessons

DUMMY TEXT DO NOT EDIT PLZ

Curriculum

  • Charting a Course to Vulnerability Bliss
  • Module 1: Software Vulnerability Overview
  • Lost in the Woods of Software Vulnerabilities
  • Who's Afraid of Software Vulnerabilities?
  • CVE Supervillains
  • Laying Down the Law: Federal Regulations & CVEs
  • Wrap Up
  • Test Your Knowledge!
  • Module 2: How to Manage CVEs
  • The Painful Toil of CVE Purgatory
  • Sassy SBOMs Steal the Spotlight!
  • SBOM Elements, Quality, and Tools
  • Scanning the Great Universe of CVEs
  • Ok, But Can We Get Rid of Them Now?
  • Getting Started with OpenVEX and vexctl 🛠️
  • Wrap Up
  • Test Your Knowledge!
  • Module 3: More Secure Base Images
  • I Can Has CVE Bliss?
  • All About That Base Image
  • Meet Wolfi, a Small Solution For a Big Problem!
  • Wrap Up
  • Test Your Knowledge!
  • Module 4: Chainguard Images To the Rescue!
  • An Introduction to Chainguard Images
  • How to Use Chainguard Images 🛠️
  • How to Use the Tag History API 🛠️
  • How to Compare Images with the Diff API 🛠️
  • Debugging Distroless Images 🛠️
  • Wrap up
  • Test Your Knowledge!
  • Final Project
  • Final Project Instructions
  • Final Project Option 1 (Technical)
  • Final Project Option 1 (Written)
  • Submit your project
  • Course Completion
  • We Want Your Feedback!
  • Please take our short survey
  • Contact us
Course

Learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it.

Course

Learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it.