amazee.io Webinar to Cover Dependency-Track, SBOM Monitoring, and CI/CD Policy Gates

Continuous monitoring of software supply chain risks is becoming central to modern web application security as teams move away from periodic vulnerability assessments. A webinar titled Uncover Hidden Vulnerabilities with Dependency-Track addresses this shift, with amazee.io, a Mirantis subsidiary, hosting the session on Wednesday, 8 April 2026 at 16:00 CDT (21:00 UTC / 23:00 CEST).

The session reflects a broader shift in software security practices, where organisations are moving from static and periodic scanning toward continuous monitoring of dependencies across application environments. Dependency-Track is positioned as a tool to provide real-time visibility into vulnerabilities across an application portfolio.

Sean Hamlin, principal architect at amazee.io, and Lauren Morris, head of product at amazee.io, are listed as speakers. According to the event description, the session will demonstrate how teams can integrate Dependency-Track into hosting environments and CI/CD pipelines to automate vulnerability detection and policy enforcement.

The programme includes discussion of Software Bills of Materials (SBOMs) and their limitations when used as static artefacts. The session will outline how continuous SBOM analysis can address gaps between scans by maintaining ongoing visibility into open-source dependency exposure as new vulnerabilities emerge.

Additional topics include the use of EPSS (Exploit Prediction Scoring System) to identify vulnerabilities that are more likely to be actively exploited, and VEX (Vulnerability Exploitability eXchange) to reduce false positives and document non-reachability. The webinar will also cover automated SBOM uploads through CI/CD pipelines and approaches to reducing operational overhead through managed hosting.

The event is aimed at platform, security, and governance teams responsible for managing dependency risks in production systems. The organisers frame the session around the need for continuous visibility, noting that vulnerabilities in open-source dependencies are often discovered after deployment, while regulatory expectations increasingly require demonstrable and ongoing risk management practices.

More information and registration details are available on the official amazee.io event page.