Loading…
8 August | Hyderabad, India
Learn More and Register To Attend

The Sched app allows you to build your schedule, but it is not a substitute for event registration. To participate in the sessions, you must be registered for OpenSSF Community Day India 2025. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.

Please note: This schedule is automatically displayed in India Standard Time. To see the schedule in your preferred timezone, please select from the drop-down located at the bottom of the menu to the right.

Schedule is subject to change.
← Back to schedule
Enhancing Vulnerability Triage With VEX: A GSoC Journey in CVE Binary Tool - Sanskar Sharma, Nirmata
Monday August 4, 2025 15:40 - 15:55 IST
Meeting Room 1 + 2
The triage process in the CVE Binary Tool enables users to customize vulnerability reports by adding contextual information such as mitigations or justifications for ignoring certain issues. This feature is especially useful for filtering out false positives or highlighting cases where a vulnerability is deemed non-exploitable based on a specific risk assessment.

While the CVE Binary Tool has offered basic triage support for some time, this GSoC project significantly extended its capabilities by integrating support for all four major VEX formats: CSAF, CycloneDX, OpenVEX, and SPDX. This was made possible through the integration of the lib4vex library, which provides robust parsing and generation of VEX documents across these different standards.

This talk will walk through the development journey, detailing the challenges faced while implementing VEX support and the key decisions that shaped the final solution.
Speakers
avatar for Sanskar Sharma

Sanskar Sharma

Intern, Nirmata
Hi, I’m Sanskar Sharma, a maintainer of the CVE Binary Tool under Intel. As a GSoC contributor, I added support for CSAF, CycloneDX, OpenVEX, and SPDX VEX formats using lib4vex to enhance vulnerability triage. I’ve also been an LFX mentee, working on Inspektor Gadget to improve... Read More →
Monday August 4, 2025 15:40 - 15:55 IST
Meeting Room 1 + 2
  15 Minutes Presentation

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Tweet Share
Need help? View Support Guides
Event questions? Contact Event Planner
Powered by Sched Event Planning App
©2025 Sched About Privacy Terms
Share Modal

Share this link via

Or copy link