Future Speaks at 'Vulncon 2026', a Top Conference in the Vulnerability Management Field
Future Corporation's cybersecurity experts, Kouta Kanbe and Ryunosuke Tanai, will speak at 'Vulncon 2026' in the US. They will present on the threat of 'hidden EOLs' in OSS components and practical triage methods.
📋 Article Processing Timeline
- 📰 Published: April 7, 2026 at 22:00
- 🔍 Collected: April 7, 2026 at 13:30
- 🤖 AI Analyzed: April 20, 2026 at 21:28 (319h 58m after Collected)
Future Corporation (Shinagawa-ku, Tokyo, President and CEO Tomohiko Taniguchi, hereinafter "Future") announces that Kouta Kanbe, Senior Architect, and Ryunosuke Tanai, Senior Consultant, belonging to the Cyber Security Innovation Group, have been accepted in the Call for Speakers for "Vulncon 2026," a top conference in the field of cybersecurity and vulnerability management held in Arizona, USA, and will present their research results on April 16, 2026 (local time).
"Vulncon" is an international conference co-hosted by FIRST (Forum of Incident Response and Security Teams), a non-profit organization promoting international cybersecurity standards, and the CVE Program, which manages common vulnerability identifiers. It is held as one of the most authoritative international conferences in the cybersecurity field, where experts in various security fields centered on vulnerability management, government agencies, and corporate management gather to hold discussions.
In recent years, cyberattacks targeting the software supply chain have been increasing. Recently, a widely used prominent open-source security tool in CI/CD environments was targeted in a supply chain attack, resulting in an incident where authentication information was directly targeted. Such situations fundamentally shake the reliability of OSS, which many development sites rely on, and appropriate management and continuous monitoring in OSS dependencies are required more than ever. This presentation will propose practical approaches to deal with these threats.
■ Presentation Content
The CVE Blind Spot: Defeating "Hidden EOLs" and Repo Jacking with Engineering Triage & Code Diet
Currently, standard vulnerability management relies heavily on CVE (Common Vulnerabilities and Exposures) information. On the day of the event, they will present on the danger of OSS components reaching EOL (End of Life / end of provision, support, and maintenance) as a "blind spot" of CVE management. According to Future's independent analysis of approximately 16,000 OSS components operating in production environments, it was found that about 10% are officially in an EOL state, and about 50% are experiencing development stagnation or are in a de facto EOL state. They will reveal the reality of "hidden EOLs" and demonstrate the latest practical triage methods to deal with them without placing excessive burden on the field.
Speakers: Cyber Security Innovation Group, Future Corporation
Senior Architect, Creator of Vuls (*1) Kouta Kanbe / Senior Consultant Ryunosuke Tanai
"Vulncon" is an international conference co-hosted by FIRST (Forum of Incident Response and Security Teams), a non-profit organization promoting international cybersecurity standards, and the CVE Program, which manages common vulnerability identifiers. It is held as one of the most authoritative international conferences in the cybersecurity field, where experts in various security fields centered on vulnerability management, government agencies, and corporate management gather to hold discussions.
In recent years, cyberattacks targeting the software supply chain have been increasing. Recently, a widely used prominent open-source security tool in CI/CD environments was targeted in a supply chain attack, resulting in an incident where authentication information was directly targeted. Such situations fundamentally shake the reliability of OSS, which many development sites rely on, and appropriate management and continuous monitoring in OSS dependencies are required more than ever. This presentation will propose practical approaches to deal with these threats.
■ Presentation Content
The CVE Blind Spot: Defeating "Hidden EOLs" and Repo Jacking with Engineering Triage & Code Diet
Currently, standard vulnerability management relies heavily on CVE (Common Vulnerabilities and Exposures) information. On the day of the event, they will present on the danger of OSS components reaching EOL (End of Life / end of provision, support, and maintenance) as a "blind spot" of CVE management. According to Future's independent analysis of approximately 16,000 OSS components operating in production environments, it was found that about 10% are officially in an EOL state, and about 50% are experiencing development stagnation or are in a de facto EOL state. They will reveal the reality of "hidden EOLs" and demonstrate the latest practical triage methods to deal with them without placing excessive burden on the field.
Speakers: Cyber Security Innovation Group, Future Corporation
Senior Architect, Creator of Vuls (*1) Kouta Kanbe / Senior Consultant Ryunosuke Tanai