
Slim.AI introduces beta software supply chain container security as a service

June 22, 2022

Austin, TX: We’ve been learning the hard way that, as Slim.AI CEO John Amaral puts it, “Your software supply chain is only as secure as its weakest link.” Amen, brother!

Slim.AI CEO John Amaral: “Our core value is ‘Know Your Software.’”

Numerous high-profile attacks, breaches, and exploits such as the SolarWinds fiasco and the Log4J vulnerability are prime examples. Indeed, it’s gotten so bad that President Joseph Biden issued an executive order calling for us all to secure the software supply chain. When politicians pay attention to software, stuff has gotten real.

Slim.AI is rising to this challenge by announcing at Open Source Summit in Austin, Texas, its beta software supply chain security service. This service will help organizations continuously and automatically optimize and secure their containers and minimize software supply chain risk.

This service is being built on the foundation of Slim.AI’s open-source project, DockerSlim. This popular developer program optimizes and secures your containers by analyzing your code and throwing away unnecessary code, thus “slimming” down your containers’ attack surface. It also can reduce the size of your container by up to 30x.

That’s impressive. As Amaral said, “Currently, tens of thousands of developers and teams use Slim’s open source and free SaaS software to understand what’s in their containers, reduce containers’ attack surface, remove vulnerabilities, and ship only the code they need.” But, the open-source project doesn’t scale. So with this new service, Amaral continued, “We’re moving from helping individual developers and small teams to a solution that enables organizations to continuously and automatically achieve these outcomes at scale.”

This is being done by integrating the code with container registries, Continuous Integration/Continuous Deployment (CI/CD) pipelines, and tools so you can automate and integrate it into existing workflows to quickly deliver secure software into production.

Current and planned integrations include Docker, AWS ECR, Google GCR, GitHub, DigitalOcean, and Quay registries and the Jenkins, GitLab, and GitHub CI/CD platforms. Application Programming Interfaces (APIs) are also being made available to Early Access Partners.

In addition, thanks to its APIs, the service enables you to use multiple vulnerability scanners on your containers to find security problems before they bite you.

This is all part of what Amaral calls “The Four Ss of Software Supply Chain Security.”

The good news about the open-source software supply chain is, Amaral explained, “it’s really easy for developers to incorporate vast libraries of code into applications, package that into containers, and ship to production with the click of a button. The code running in production is the child of the massive supply chain.” The bad news is that “It bears the benefits and risks of all the decisions, contributions, features, and flaws manifested by its creators in aggregate.”

As CodeNotary, a software supply chain company, recently observed, “Software is never complete and the code base including its dependencies is an always updating document. That automatically means you need to track it, good and bad, keeping in mind that something good can turn bad.” Yes, exactly so!

The answer, according to Amaral, is to build a comprehensive, automated software supply chain security (SSCS) program: “The Four Ss.” These are:

  1. Software Bill of Materials: This is a list of all the components in a piece of software, such as open-source libraries and third-party components. Well-known SBOM approaches include the Linux Foundation’s Software Package Data Exchange (SPDX) and Supply chain Levels for Software Artifacts, or SLSA (salsa).

  2. Signing: Signing is a way of digitally attaching a verified, immutable developer identity to a piece of code. Coupled with other tools, it allows for creating a transparent, cryptographically secure record of software changes and manifests a permanent and reliable digital chain of custody for software and related artifacts. Examples include Sigstore and Notary.

  3. Slimming: This minimizes your production code footprint by removing unnecessary code. It also inherently reduces software supply chain complexity, software attack surface, and aggregate risk.

  4. Sharing: No one person or organization can provide a comprehensive SSCS solution. Communication about SSCS and collaborating on solutions both within your organization and with other groups is essential to advancing the industry and protecting our software-reliant global ecosystem. When it comes to open-source security, we’re all in this together.

At Slim, Amaral concluded, “Our core value is ‘Know Your Software.’ Slim.AI’s tools can be used alongside vulnerability scanners and SBOM generators to create a holistic view of the software supply chain.” With Slim’s optimization, you can make sure teams ship only what they need for production.

Want to know more? Contact the Slim.AI team for early access. If you’re at Open Source Summit, you can visit the Slim.AI team and learn more about the program at Booth B2.
