Virtualization Technology News and Information
As Research Shows Vulnerabilities Continue to Soar, Slim.AI Launches 'Container Intelligence' to Give In-Depth Analysis on Hundreds of Popular Container Images

In software supply chain security, knowing your software means knowing what's in it-for better or worse. Slim.AI has launched Container Intelligence, a free and open service that anyone can use to quickly gain valuable insights into what's in the most popular container images that they're baking into their software every day.

Despite the supercharged emphasis on security in the software industry, containers now have more vulnerabilities than ever before; moreover, a worrisome gap exists between developers and leadership on resources needed to address the problem. These findings are detailed in the second annual Slim.AI Public Container Report, published today and available for complimentary download.

Slim.AI aims to help close the gaps identified in the report by making Container Intelligence available to everyone, free. Container Intelligence scans more than 160 popular public container images making up 30% of total global pull volume using a combination of open-source and proprietary scanning tools. Slim.AI will quickly expand the dataset to cover the majority of public containers used by developers today across multiple registry providers. Developers can use Container Intelligence to make informed decisions when selecting containers or containerized applications for use in their tech stacks. 

"Democratizing information about the security posture of public containers is critical if we want to meet the challenges of today's software supply chain," said John Amaral, co-founder and CEO at Slim.AI. "At Slim.AI, we believe in sharing information we have about the security and usability of public containers with developers so that they can make informed decisions about the containers they work with."

Key Features of ‘Container Intelligence' by Slim.AI: 

  • Publicly available container profile pages on the Slim.AI website - no login, no registration needed.
  • Profiles include vulnerability counts by severity, container construction details, and package information, along with comparisons to similar public containers.
  • Containers are fully searchable and categorized according to use case (for example, base images, CMSs or DevOps tools).
  • The data is updated daily to ensure freshness.

Slim.AI will be adding more capabilities to Container Intelligence throughout the coming year. Future enhancements will include expanding the database to include more public registries, adding comparative analysis across images and providing container update notifications. 

Taking It to the Next Level with Slim.AI

For those who want to know even more about their containers, developers can log in to the Slim.AI platform from the Container Intelligence page to analyze their own private containers, get vulnerability reports from multiple scanners, and automatically harden their container images for production. 

Additionally, Slim.AI has been adding functionality for teams and is accepting a limited number of organizations into its design partner program.
Published Tuesday, October 25, 2022 1:13 PM by David Marshall
Filed under:
There are no comments for this post.
To post a comment, you must be a registered user. Registration is free and easy! Sign up now!
<October 2022>