Slim.AI, a startup specializing in software supply chain security, helps businesses optimize and secure their software containers, today announced the launch of its automated container hardening feature at the CNCF’s KubeCon/CloudNativeCon Europe. With this, Slim can now automatically scan a company’s containers for vulnerabilities and remove unnecessary files, libraries and other attack surfaces.
Built into existing CI/CD pipelines, Slim’s new automated container hardening service runs containers, which a developer has previously instrumented, through the company’s existing test suite, analyzes them and automatically removes unnecessary files, resulting in significantly smaller — and more secure — containers. With fewer files in a container, this also means that developers can then focus on the vulnerability alerts that actually matter, because they relate to libraries that are actually being used.