2026-02-13 –, VYAS - G - Room#VY015
Effective vulnerability management is the bedrock of modern cybersecurity and compliance. This session provides an essential overview of the global vulnerability ecosystem, focusing on the strategic and process-driven work required for sustainable open source resilience. We will explore the critical need to adopt standardized governance and data formats so that the vast Open Source Software (OSS) community can manage the entire lifecycle of security vulnerabilities efficiently.
Attendees will learn about:
- The Global Governance Structure: Understanding the federated design of key vulnerability programs and the leadership roles that enable a functional, scalable software ecosystem.
- Community Mentorship Models: Best practices for establishing governance and mentorship programs that successfully integrate more open source projects into coordinated vulnerability disclosure frameworks.
- Data Standards for Automation: The strategies for transforming vulnerability findings into actionable, machine-readable security data (e.g., VEX, CSAF) to fuel consumer automation and tooling.
- Resilience through Standardization: How adherence to open standards ensures a transparent and trusted flow of vulnerability information, drastically strengthening the global OSS supply chain.
Join us to explore how strategic governance and unified standards are key to moving the entire ecosystem toward proactive security resilience.
Yogesh Mittal is a Manager at Red Hat, leading the Vulnerability Management team within the Product Security Incident Response Team (PSIRT). He oversees the entire security flaw lifecycle, including coordinated disclosure and technical analysis, ensuring that critical data is published in machine-readable formats for effective remediation. Additionally, Yogesh represents Red Hat in industry forums such as the CVE Program Root, where he champions the needs of the open source community to ensure global security standards remain accessible and effective.