Scanning for and remediating vulnerabilities has become a very common—and necessary—security practice in many software development environments. Unfortunately, “CVE chasing” has also become the primary security activity performed early in the SDLC, sometimes even prioritized over other security layers that are overly complex or negatively impact development velocity.
NeuVector (now part of SUSE) security engineer Tracy Walker will compare CVE scanning with zero-trust segmentation and offer real examples of organizations automating zero trust early in their SDLC to block zero-day vulnerabilities their CVE scanning couldn’t prevent.