
Slim.AI helps developers optimize and secure their containers
Slim.AI, a startup specializing in software supply chain security that helps businesses optimize and secure their software containers, today announced the launch of its automated container hardening feature at the CNCF’s KubeCon/CloudNativeCon Europe. With this, Slim can now automatically scan a company’s containers for vulnerabilities and remove unnecessary files, libraries and other attack surfaces.
Built into existing CI/CD pipelines, Slim’s new automated container hardening service runs containers, which a developer has previously instrumented, through the company’s existing test suite, analyzes them and automatically removes unnecessary files, resulting in significantly smaller — and more secure — containers. With fewer files in a container, this also means that developers can then focus on the vulnerability alerts that actually matter, because they relate to libraries that are actually being used.
Slim.AI was born out of an open-source project, the Slim Toolkit (which was previously called DockerSlim). This project is now seven years old and has seen over 1,000,000 downloads. And while it does some rudimentary hardening and container security analysis, the team formed a company to build on their learnings from the Slim Toolkit and expand upon them.
As Slim.AI co-founder and CEO John Amaral told me, when the company launched back in 2020, its focus was more on providing users with what Amaral called an “MRI machine for containers” that would tell users exactly what was in their containers and where there were potential security issues.
“One piece of feedback we got from the users of our open-source technology was that they really needed to understand what’s inside these containers as a complement to any kind of automated remediation,” Amaral said. “The developers still need to be able to support these modified containers and if they don’t have a clear picture of what’s there, then how will they be able to interact with the remaining components? We spent a lot of time building better tooling for them.”
As with any automated process, things don’t always work as planned and occasionally, the system may generate a container that misses a critical file. For these cases, Slim.AI gives developers and security teams not only a lot of data about what it does to every container, but also the manual controls to repeat tests or exclude certain files.
“As engineering teams are increasingly tasked with the responsibilities of building and releasing secure software—while many organizations also look to developer velocity to drive business outcomes—the right tooling becomes all that more critical,” said Kelly Fitzpatrick, senior business analyst at RedMonk. “By integrating container vulnerability reduction and mitigation into the CI/CD processes that teams already use, Slim.AI’s automated container hardening is designed to solve this need.”
The new service is available for free to users of Slim.AI’s developer platform, though teams that plan to use the service at scale will probably want to reach out to the company about its design partner program.