📣 At #VulnCon 2025, the OpenSSF community showed up strong—leading 16+ sessions & driving convos on vuln metadata, CRA, SBOMs, and more.
Catch CRob's key takeaways blog 👉 https://openssf.org/blog/2025/04/14/key-takeaways-from-vulncon-2025-insights-from-the-openssf-community/
I went to #VulnCon. It was great, and I wrote a little about how great it was.
If I owe you follow-ups from there, please feel free to publicly shame me here for my failed actions. Or DM me. Either way.
Especial thanks to @megazone and Valerie and @firstdotorg and @CVE_Program and aaaaallllll the volunteers and speakers that made it what it is.
Let's see how long this thing lasts. It's pretty special.
I've had a bunch of people ask me why I wasn't at #VulnCon, so I wrote a blog post about it
TL;DR - I don't think VulnCon should exist
Follow me for more security hot takes
https://opensourcesecurity.io/2025/04-why-i-didnt-go-to-vulncon/
At #VulnCon, NIST revealed that the NVD is scrapping its consortium plan, walking back last year’s promise of reform, while pitching new tools that critics say won't meaningfully address the backlog or transparency problem.
https://socket.dev/blog/vulncon-2025-nvd-scraps-consortium-plan #CVE #CyberSecurity #VulnCon2025
omw to #VulnCon, see you nerds soon!
Day 1 of “CVE/FIRST VulnCon 2025” is here!
Today’s agenda for all 5 tracks: https://first.org/conference/vulncon2025/program#d20250407
#CWE #VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon
Day 1 of “CVE/FIRST VulnCon 2025” is here!
Today’s agenda for all 5 tracks: https://first.org/conference/vulncon2025/program#d20250407
#VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon
Anyone attending #vulncon #vulncon25 tomorrow?
🔐 #OpenSSF is sponsoring #VulnCon 2025, happening April 7-10 at the McKimmon Center in Raleigh, NC!
Join the community! Virtual admission through April 4: https://www.first.org/conference/vulncon2025/
It's nice to see my VulnCon 2024 talk seems to still have some shelf-life...
https://github.com/package-url/purl-spec/issues/331#issuecomment-2423676993
@firstdotorg #VulnCon2025 is being held in North Carolina again. The state has since passed a ban on masks since #VulnCon2024. https://apnews.com/article/masks-ban-north-carolina-campus-protests-128a6aa32a4c832faa83befb2e7dd77e
Are the organizers of #VulnCon willing to adopt a policy allowing, or even requiring, wearing of masks to protect the health of attendees? Do the organizers know what the venue's mask policy is now that the law has passed?
I'm at high risk of complications from COVID and know several people who have tested positive after attending conferences in Q3 2024. Before I plan to attend, I want to know how I can protect myself. Thank you!
All of the recordings from VulnCon have been posted to YouTube. Here's a playlist:
#VulnCon #VulnCon2024 #VulnCon24
https://www.youtube.com/watch?v=mDctsoWtiTY&list=PLWfD9RQVdJ6db44oVABnI_JhIFEumoQnZ
Yay, all of the VulnCon videos are now available!
https://www.youtube.com/playlist?list=PLBAUUhONOrO_aB01lOv6XNRTHD4ueFVTp
VulnCon 2024 was a rousing success, with around 600 total attendees - ~350 in-person, and ~250 remote (the official numbers should be out soon). That blew away our planning targets by a wide margin. The positive feedback we've received has been overwhelming. There were, of course, some issues, but for a first year event it went shockingly smoothly, IMHO.
VulnCon 2025 will be back at the McKimmon Center in Raleigh, NC April 7-11, 2025. I suspect we're going to max out the capacity cap on that venue in 2025 for in-person attendees, but we don't want to grow too big, too fast.
Thanks to all who attended, and special thanks to the fantastic organizing committee who pulled this off with only five months of planning!
Day 3 of “CVE/FIRST VulnCon 2024”
Today’s agenda for all 3 tracks: https://first.org/conference/vulncon2024/program#d20240327
#VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon
Day 2 of “CVE/FIRST VulnCon 2024”
Today’s agenda for all 3 tracks:
https://first.org/conference/vulncon2024/program#d20240326
#VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon
#VulnCon 2024 kicks off today! Shout out to our sponsors: @nucleussec @OpenSSF @Amazon Fleet Device Management, @Brinqa @Edgescan @Seemplicity @Deepfactor@Opus Security @reveald for making this event possible. Learn more about them at: https://www.first.org/conference/vulncon2024/sponsors
Day 1 of “VulnCon 2024” is here!
Today’s agenda for all 3 tracks: https://first.org/conference/vulncon2024/program#d20240325
#CWE #VulnCon #VulnerabilityManagement #Vulnerability #FIRST #CVE
Day 1 of “CVE/FIRST VulnCon 2024” is here!
Today’s agenda for all 3 tracks: https://first.org/conference/vulncon2024/program#d20240325
#VulnerabilityManagement #Vulnerability #CVE #FIRST #VulnCon
