managing-vulnerabilities

SKILL.md

Implement comprehensive vulnerability detection and remediation workflows across containers, source code, dependencies, and running applications. This skill covers multi-layer scanning strategies, SBOM generation (CycloneDX and SPDX), risk-based prioritization using CVSS/EPSS/KEV, and CI/CD security gate patterns.

Vulnerability management requires scanning at multiple layers. Each layer detects different types of security issues.

For detailed tool selection guidance, see references/tool-selection.md.

在 CI/CD 管道中實施多層安全掃描（容器、SAST、DAST、SCA、機密）、SBOM 生成和基於風險的漏洞優先級排序。在構建 DevSecOps 工作流程、確保合規性或為容器部署建立安全門時使用。 來源：ancoleman/ai-design-components。

查看原文