BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//hack-lu-2023//speaker//JLACEF
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-hack-lu-2023-PUXBQ8@pretalx.com
DTSTART;TZID=CET:20231016T115000
DTEND;TZID=CET:20231016T122000
DESCRIPTION:If you have not noticed the hype about ABOUT (Software Bill of 
 Material) you must been living in a cave. They have been touted as the nex
 t best thing after sliced bread and the cure-it-all to all our security pr
 oblems of the past many years. Join me to break through the hype and revie
 w the good\, the bad and the ugly and determine if\, how and when they may
  useful and when not.
DTSTAMP:20260413T115257Z
LOCATION:Salle Europe
SUMMARY:SBOMs: are they a threat or a menace? - Philippe Ombredanne
URL:https://pretalx.com/hack-lu-2023/talk/PUXBQ8/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-hack-lu-2023-MNCC3H@pretalx.com
DTSTART;TZID=CET:20231016T141000
DTEND;TZID=CET:20231016T141500
DESCRIPTION:The composition binary analysis of apps and libraries can be a 
 complex thing mixing multiple techniques. Let's review the techniques and 
 FOSS tools to automate this analysis for binary formats such as bytecode\,
  native Go and C/C++ ELFs and minified JavaScript.
DTSTAMP:20260413T115257Z
LOCATION:Salle Europe
SUMMARY:The composition analysis of binary Java\, ELF\, Go\, and JavaScript
  apps - Philippe Ombredanne
URL:https://pretalx.com/hack-lu-2023/talk/MNCC3H/
END:VEVENT
BEGIN:VEVENT
UID:pretalx-hack-lu-2023-Z7UP7B@pretalx.com
DTSTART;TZID=CET:20231018T135500
DTEND;TZID=CET:20231018T140000
DESCRIPTION:Until now\, two worlds have mostly ignored each others: the res
 olution of a software package dependency tree or graph to meet functional 
 constraints and the search for package versions are not subject to known\,
  published vulnerabilities (aka. CVEs) . What if we could combine the func
 tional version range constraints from software developers with the known v
 ulnerable version ranges from security specialist?
DTSTAMP:20260413T115257Z
LOCATION:Salle Europe
SUMMARY:Non vulnerable package dependency resolution - Philippe Ombredanne
URL:https://pretalx.com/hack-lu-2023/talk/Z7UP7B/
END:VEVENT
END:VCALENDAR