議題
Nowadays security incident is increasing more and more. Then lots of vendor/community/institute are making efforts to find vulnerability on software. Not only commercial software, but also OSS is having vulnerability (remember Log4Shell, Dirty Pipe and so on). Then lots of security researchers are reporting vulnerability an d publish it with CVE-ids which is assigned by MITRE. In this session, Kazuki Omo will report recently trends of OSS CVE in 2022-2023. Also show some typical vulnerability PoC and pich up several example for exploite d vulnerability in 2022-2023 incident. And tell how you can catch up those news immediatelly and protect those vulnerability by using OSS product/solution.
講者
Kazuki Omo
Over 20 years experience in Unix/Linux/Windows system and many of Security related product. Working for OSS community over 17 years. Nowadays, Trainer for Threat intelligence, and speaks at lots of public seminar/session.
- Trainer for Threat Intelligence since 2020.
- Published SELinux and related security articles from 2004-2022.
- Maintainer of "LIDS(Linux Intrusion Detection System)".
- Published "Linux Security textbook" from LPI-Japan.
- Presentation on openSUSE.Asia Summit 2016 "openSUSE Security with OpenSCAP standard"
- Presentation on LinuxWorld C&D 2004 Japan "KB1-4 Keynote:Explanation about SELinux"
- Presentation on OSC 2007 TOKYO Japan "How to to daily operate for SELinux"