Chainguard: Building Secure Container Images
Download MP3Bret and Nirmal are joined by Dan Lorenc from Chainguard to walk them through Chainguard's approach to building secure, minimal container images for popular open source software.
They discuss why it is important to have secure and minimal container images. Dan explains how Chainguard helps remove the pain of CVEs, laggy software updates and patches and much more. Chainguard is now available also on Docker Hub.
They spend the first part of the show talking about the week's big news: the XZ supply chain attack, and Dan was the best man to explain it. They also touch on CVEs, things you can do to reduce the attack surface, SLSA, and more during this jam-packed show.
There's a video version you can watch on YouTube
★Topics★
Chainguard Website
Vulnerability Management Certification course
True Cost of Vulnerability Management
Chainguard Images
Chainguard on Docker Hub Announcement
😇 My new GitHub Security workshop has launched! A free 2-hour workshop with hands-on labs to harden your repos and your workflows from common supply chain attacks. I'll cover how attackers are getting in, and then we'll lock down a sample repo so you know what needs to be done to protect your code. You'll leave with a deep understanding of risks and mitigations as well as a list of helpful tools to keep your repos safe, including my new "gasa" tool for scanning your repos and orgs.
They discuss why it is important to have secure and minimal container images. Dan explains how Chainguard helps remove the pain of CVEs, laggy software updates and patches and much more. Chainguard is now available also on Docker Hub.
They spend the first part of the show talking about the week's big news: the XZ supply chain attack, and Dan was the best man to explain it. They also touch on CVEs, things you can do to reduce the attack surface, SLSA, and more during this jam-packed show.
There's a video version you can watch on YouTube
★Topics★
Chainguard Website
Vulnerability Management Certification course
True Cost of Vulnerability Management
Chainguard Images
Chainguard on Docker Hub Announcement
- (00:00) - Intro
- (05:14) - Dan's Take on the XZ Hack
- (14:59) - Chainguard Distro Creation
- (21:21) - Chainguard in Docker Hub Announcement
- (24:26) - Free Images vs Private Images
- (26:27) - Zero CVE Approach
- (28:33) - Ways to Reduce Attack Surfaces
- (39:56) - Chainguard Academy
- (41:08) - Real Time Antivirus Malware Scanner
- (43:52) - Google Distro Lists Worth Using
- (45:56) - Chainguard for Buildpacks
- (46:20) - SLSA
- (56:08) - What's Next for Chainguard?
- (56:52) - Getting Started with Chainguard
You can also support this podcast by subscribing to my YouTube channel and my monthly newsletter at bret.news!
Grab the best coupons for my GitHub, Agents, Docker, and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com
Grab the best coupons for my GitHub, Agents, Docker, and Kubernetes courses.
Join my cloud native DevOps community on Discord.
Grab some merch at Bret's Loot Box
Homepage bretfisher.com
Creators and Guests
Host
Bret Fisher
Cloud native DevOps Dude. Course creator, YouTuber, Podcaster. Docker Captain and CNCF Ambassador. People person who spends too much time in front of a computer.
Producer
Beth Fisher
Producer of the DevOps and Docker Talk and Agentic DevOps podcasts. Assistant producer on Bret Fisher Live show on YouTube. Business and proposal writer by trade.
Guest
Dan Lorenc
OSS Supply Chain Security. Founder/CEO/Primary Ariba Admin at https://t.co/sGmuUU9JbGSigstore: https://t.co/dWKlyYu6kv
