Every container starts with a FROM line, but how often do you really think about what you’re inheriting?

Popular base images come loaded with hundreds of packages, bringing along complexity, vulnerabilities, and compliance headaches you didn’t ask for. In this session, we’ll take a closer look at what’s hiding inside widely used images, and how those dependencies quietly introduce risk into even well-maintained applications.

You’ll learn how adopting minimal, verifiable, and low-to-zero CVE images can reduce your security surface and streamline compliance workflows without changing how you build.

Through live demos, we’ll explore what happens when you:

* Scan popular images with Grype
* Try using weak crypto in a FIPS-compliant container
* Swap your base image without breaking your build
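The first demo item, scanning an image with Grype, usually ends up as a CI gate: run the scanner, parse its output, and fail the build when a finding crosses a severity threshold. The script below is an added example, not code from the talk or from the Grype project. It assumes the JSON document that `grype <image> -o json` writes has a top-level `matches` list whose entries carry `vulnerability.id`, `vulnerability.severity`, `vulnerability.fix.state` and `artifact.name`/`artifact.version` (those field names are an assumption about Grype's output format); the embedded scan document is constructed sample data, not real scanner output.

```python
"""CI gate over Grype JSON output (added example; not the talk's or Grype's code)."""
import json
import subprocess
from collections import Counter

# Severity order as Grype reports it. Anything not listed here (e.g. "Unknown")
# is handled by the fail_on_unknown switch in gate().
SEVERITY_RANK = {"Negligible": 0, "Low": 1, "Medium": 2, "High": 3, "Critical": 4}

# Constructed sample in the shape of `grype <image> -o json`; CVE ids and
# package names are placeholders, not real findings.
SAMPLE_SCAN = json.dumps({
    "matches": [
        {"vulnerability": {"id": "CVE-0000-0001", "severity": "Critical", "fix": {"state": "fixed"}},
         "artifact": {"name": "libexample", "version": "1.0.0"}},
        {"vulnerability": {"id": "CVE-0000-0002", "severity": "High", "fix": {"state": "not-fixed"}},
         "artifact": {"name": "libexample", "version": "1.0.0"}},
        {"vulnerability": {"id": "CVE-0000-0003", "severity": "Medium", "fix": {"state": "fixed"}},
         "artifact": {"name": "othertool", "version": "2.3.4"}},
        {"vulnerability": {"id": "CVE-0000-0004", "severity": "Low", "fix": {"state": "unknown"}},
         "artifact": {"name": "othertool", "version": "2.3.4"}},
        {"vulnerability": {"id": "CVE-0000-0005", "severity": "Unknown", "fix": {"state": "unknown"}},
         "artifact": {"name": "mystery", "version": "0.1"}},
    ]
})


def run_grype(image):
    """Invoke the Grype CLI on an image and return its JSON output as text.
    Not exercised here; requires grype on PATH."""
    proc = subprocess.run(["grype", image, "-o", "json"],
                          capture_output=True, text=True, check=True)
    return proc.stdout


def parse_scan(text):
    """Return the list of match objects from a Grype JSON document."""
    return json.loads(text).get("matches", [])


def severity_counts(matches):
    """Count findings per severity label, e.g. Counter({'High': 2, ...})."""
    return Counter(m["vulnerability"].get("severity", "Unknown") for m in matches)


def gate(matches, threshold="High", fail_on_unknown=True, fixed_only=False):
    """Return the findings that should fail the build.

    threshold       lowest severity that counts as a failure
    fail_on_unknown treat severities outside SEVERITY_RANK as failures
    fixed_only      only report findings the distro/vendor has already fixed,
                    i.e. ones a rebuild or base-image swap would remove
    """
    min_rank = SEVERITY_RANK[threshold]
    offending = []
    for m in matches:
        vuln = m["vulnerability"]
        sev = vuln.get("severity", "Unknown")
        fix_state = vuln.get("fix", {}).get("state", "unknown")
        hit = SEVERITY_RANK[sev] >= min_rank if sev in SEVERITY_RANK else fail_on_unknown
        if not hit:
            continue
        if fixed_only and fix_state != "fixed":
            continue
        art = m["artifact"]
        offending.append((vuln["id"], art["name"], art["version"], sev, fix_state))
    return offending


def exit_code(matches, **gate_kwargs):
    """0 when the gate passes, 1 when any finding is reported."""
    return 1 if gate(matches, **gate_kwargs) else 0


if __name__ == "__main__":
    found = parse_scan(SAMPLE_SCAN)
    print("by severity:", dict(severity_counts(found)))
    for row in gate(found, threshold="High"):
        print("FAIL %-14s %s %s (%s, fix: %s)" % row)
    raise SystemExit(exit_code(found, threshold="High"))
```

In a pipeline you would replace `SAMPLE_SCAN` with `run_grype("your-image:tag")`; the `fixed_only` switch is useful when comparing a bloated base image against a minimal one, because it isolates the findings a base-image swap or rebuild would actually remove from the ones no image can fix yet.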

Whether you’re chasing FedRAMP, tuning your CI/CD pipeline, or just tired of the patch-and-scan grind, this talk will help you modernize your container strategy without disrupting your workflow.
