-
Charting a Course to Vulnerability Bliss
- Module 1: Software Vulnerability Overview
-
Lost in the Woods of Software Vulnerabilities
-
Who's Afraid of Software Vulnerabilities?
-
CVE Supervillains
-
Laying Down the Law: Federal Regulations & CVEs
-
Wrap Up
-
Test Your Knowledge!
- Module 2: How to Manage CVEs
-
The Painful Toil of CVE Purgatory
-
Sassy SBOMs Steal the Spotlight!
-
SBOM Elements, Quality, and Tools
-
Scanning the Great Universe of CVEs
-
Ok, But Can We Get Rid of Them Now?
-
Getting Started with OpenVEX and vexctl 🛠️
-
Wrap Up
-
Test Your Knowledge!
- Module 3: More Secure Base Images
-
I Can Has CVE Bliss?
-
All About That Base Image
-
Meet Wolfi, a Small Solution For a Big Problem!
-
Wrap Up
-
Test Your Knowledge!
- Module 4: Chainguard Images To the Rescue!
-
An Introduction to Chainguard Images
-
How to Use Chainguard Images 🛠️
-
How to Use the Tag History API 🛠️
-
Debugging Distroless Images 🛠️
-
Wrap up
-
Test Your Knowledge!
- Final Project
-
Final Project Instructions
-
Final Project Option 1 (Technical)
-
Final Project Option 1 (Written)
-
Submit your project
-
Course Completion
- Feedback and Support
-
Please take our short survey
-
Accepting Your Credly Badge
-
Contact us
This video is still being processed. Please check back later and refresh the page.
Uh oh! Something went wrong, please try again.
Painless Vulnerability Management
Charting a course to vulnerability bliss.
If you've been working in software these last few years, chances are you've noticed increased concern around software vulnerabilities. In the wake of major software supply chain attacks, governments and organizations have been taking significant action to improve cybersecurity practices, with vulnerability management serving as a key pillar. But what exactly is vulnerability management, how does one practice it, and is it really something you need to worry about?
In this course, you will learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it. You will also learn about the significant challenges involved and how to use Chainguard Images to drastically reduce the toil. In addition to this practical knowledge, you will gain an appreciation of the evolving, controversial, and high-stakes landscape of vulnerability management. It’s a fascinating world full of philosophical questions, geopolitical plot points, shadowy villains, spicy takes, and — if we have any say in it — a good deal of technical fun. 🤓 In other words, software supply chain security is a work in progress that needs your help and participation. So pack your containers, get ready for memes, and let's forge the path to a secure-by-default digital future.
If you have any questions or comments, feel free to reach out at courses@chainguard.dev.
Who is this course for?
|
This course is designed for developers and software professionals who want to learn about emerging regulations around vulnerability management and state-of-the-art tools and practices in this space. Participants will also learn how to use Chainguard Images to painlessly reduce vulnerabilities in their workloads.
|
Certificate of Completion
|
Participants who pass the quizzes at the end of each module and finish the short final project will earn a Certificate of Completion.
|
Prerequisites
|
No technical skills are needed for the conceptual articles, which comprise about 75% of the course. For the technical tutorials, you should have experience with running containers and will need Docker, crane, and jq installed on your machine. |
Time to complete
|
Three to five hours.
|
Course
Learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it.
Course
Learn the tools and fundamentals of vulnerability management and why it's critical that every developer understand it.