Menu

#1702451: Webinar - From CVE Scores to Action: Enforcing Artifact Management Policies in OPA

Description: Things you'll learn
The limits of CVSS alone: why theoretical severity scores can create noise instead of clarity.

How EPSS adds context: using probability-based risk assessment to prioritize vulnerabilities that matter most.

Policy-as-Code with OPA: writing Rego rules that automatically block or tag vulnerable packages based on CVSS, EPSS, and exploit availability.

Real-world scenarios: examples of high-severity CVEs with low exploitability, and low-severity CVEs with high exploitation probability.

Cloudsmith’s approach: how continuous scanning, automated quarantine, and policy-driven enforcement accelerate DevSecOps workflows.
More info: https://cloudsmith.com/events/webinars/from-cve-scores-to-action-enforcing-artifact-management-policies-in-opa

Date added Sept. 12, 2025, 2:01 a.m.
Source cloud smith
Subjects
  • CVE related Info Reported - Various, Also CVE News (in development)
  • CVSS - Common Vulnerability Scoring System - Currently CVSS 4.0
  • Exploit Prediction Scoring System EPSS
  • PodCasts / Webcast / Webinar / eSummit / Virtual Event etc.
Venue Sept. 25, 2025, midnight - Sept. 25, 2025, midnight