 Hi everyone, I'm Michelle DePalma, Product Manager for Red Hat's Trusted Profile Analyzer, and welcome to our demo. To explore TPA, let's head over to our Red Hat Hosted Version, which is available to anyone with a Red Hat Console account. I'm going to search for Quarkus. First, let's go to the Product and Containers tab and select our Quarkus SBOM. In this SBOM view, I see a list of CVEs populated by Red Hat VEX documents that are related to Quarkus, and in this case, it's Quarkus 238. If I pick one CVE to focus on, I can see the affected dependencies and drill down to get even more details about that dependency. Here I see all the vulnerabilities that impact the snappy Java dependency this instance of TPA knows about. There are a couple of interesting things to notice in the CVE view. We have two tabs on this page for related products and related advisories. As expected in the related products tab, we have our Quarkus SBOM and snappy Java dependency, but we also have the status that is the status of this vulnerability in this product. Under the related advisories tab, we have information from the Red Hat advisory written for this CVE that includes this version of Quarkus. In addition to gaining insights from VEX documents, TPA provides the same scan available from Red Hat's dependency analytics. In this report, we have knowledge from dependency analytics, but also have recommendations that point to Red Hat's trusted content where appropriate. This is the end of our Red Hat Trusted Profile Analyzer product demo. Again, my name is Michelle DePama. Please contact me if you're interested in Red Hat's trusted profile analyzer or have any questions. Thanks for watching.