Overview
Explore container security fundamentals in this 14-minute OpenSSF conference talk that addresses the mismatch between single-process containers and traditional Linux distributions. Learn how minimal base containers can enhance security, while examining key challenges and solutions in their implementation. Discover practical approaches including container-first design principles that challenge traditional package essentials, effective container build strategies for FROM scratch images, metadata framework considerations for accurate container scanning, and techniques for transforming existing distribution packages into self-contained binaries. Master the art of building secure base containers by understanding how to eliminate unnecessary dependencies, implement efficient installation scripts, and support rapid rebuild cycles in modern containerized environments.
Syllabus
From Bloat to Secure: Rethinking Container Base Images for the Modern Security... - Abhishek Anand
Taught by
OpenSSF