Slim.AI produces precisely hardened, deployment-ready containers—complete with SBOMs and vulnerability reports—for DevSecOps teams without burdening developers with more manual processes
AMSTERDAM, April 18, 2023 /PRNewswire-PRWeb/ -- KUBECON AND CLOUDNATIVECON EUROPE—Slim.AI, the Boston-based startup focused on optimizing and securing cloud-native applications, today announced the release of its Automated Container Hardening capability, complete with vulnerability reporting and software bills-of-material for hardened images.
Slim's continuous supply chain security solution works in both CI/CD processes and Kubernetes implementations. Container Hardening goes beyond "generic" container slimming to produce a hardened container that is both secured for production and can pass the organization's own tests and policy protocols.
"Slim's Container Hardening workflow produces hardened containers that meet the demands of DevSecOps by automating what was a manual process—removing work instead of shifting work left," said John Amaral, co-founder and CEO at Slim.AI. "This new offering lets organizations integrate Slim's container security measures into their own infrastructure, gaining the confidence of their own test suites passing while having the security, visibility, and artifact generation required for modern cloud-native security."
Thin-stretched software organizations are reluctant to pull developers away from producing applications to deal with manual vulnerability remediation and container size reduction. With Slim's Container Hardening functionality, organizations no longer need to choose between developer velocity and container security.
*How Container Hardening Works*
Automated Container Hardening follows a simple five-step process that is built directly into existing CI/CD pipelines. The developer takes any container image and "instruments" it using the Slim platform or CLI. This instrumented container is run through the organization's test suite, generating observations about the running container. This intelligence is used to build a hardened container, which is up to 30X smaller and considerably more secure. This image is then shipped to production.
*Key Benefits of Automated Container Hardening*
- Leverages your own tests, in your own infrastructure: Slim's new workflow can be implemented using any test suite and run in CI/CD, even Kubernetes. This ensures the hardening process is reliable and robust, and removes manual container security work from engineering and DevOps teams.
- Easy to Automate: Slim's CLI makes scripting easy, and pre-configured examples exist for most major CI platforms.
- Works for any container image: Container Hardening can work on any container image, regardless of base image, language ecosystem, or functionality. It even works on third-party applications whose source code you don't control.
- Comprehensive Reporting: While some container hardening approaches require proprietary scanning tools, Slim is designed to work with any 3rd-party scanner or SBOM tool. With every build, it generates an SBOM, a multi-engine vulnerability report, and additional reports that can be shared with stakeholders and customers.
*Jit Demonstrates the Power of Automated Container Hardening*
Jit, the company codifying product security for developers, is a Slim.AI Design Partner and has been using the new workflow in production. Jit and the Slim.AI team worked together to integrate Slim's Automated Container Hardening flow into Jit's CI/CD pipeline via GitHub Actions and a series of tests.
Using this method, Jit achieved its goal of significantly reducing the size of its containers, by 30% to 90%. Jit is now hardening dozens of containers as part of its CI. On some containers, Jit has seen a 100% elimination of critical and high-risk vulnerabilities, saving potentially hundreds of hours of manual vulnerability remediation. Jit is also seeing storage and platform usage cost savings, with boot times halved and a 21% reduction in the average time to scan a container. Learn more in this case study.
"Jit aims to provide the best experience for our users in terms of both security and efficiency," said Sharah Peled, VP of operations for Jit. "Slim enabled us to implement DevOps best practice without burdening our developers with manual vulnerability remediation and container size reduction. Automating container hardening in CI/CD will save us hundreds of developer hours annually."
This new functionality removes the work of several developers or teams. On average, organizations report a single vulnerability can cost up to two hours of development time to remediate. Reducing vulnerabilities by 80% in a single process lets teams focus on the risks that matter most.
"As engineering teams are increasingly tasked with the responsibilities of building and releasing secure software—while many organizations also look to developer velocity to drive business results—the right tooling becomes all the more essential," said Kelly Fitzpatrick, senior industry analyst at RedMonk. "By integrating container vulnerability reduction and mitigation into the CI/CD processes that teams already use, Slim.AI's automated container hardening is designed to solve this need."
Automated Container Hardening is currently free to try in the Slim Developer Platform. Teams and organizations hardening containers at scale should contact the Slim team to inquire about their Design Partner program, which offers additional features, support and scale.
About Slim.AI
Slim.AI helps developers create, build, deploy and run their cloud-native applications more efficiently and securely. The unique approach used by Slim.AI moves the focus on container optimization upstream in the DevOps lifecycle, giving developers the tools they need to author, manage and ship production-ready containers efficiently and effectively. More information at https://slim.ai and @SlimDevOps.
Media Contact
Cristin Connelly Zegers, Cathey Communications for Slim.AI, 404-931-6752
SOURCE Cathey Communications for Slim.AI