This talk will focus on the development and importance of "golden images"—Docker base images that are free from Common Vulnerabilities and Exposures (CVEs). Golden images play a crucial role in maintaining the security and integrity of software deployments. By ensuring that base images have zero CVEs, organizations can significantly reduce the attack surface and mitigate security risks. The talk will cover the methodologies for creating these secure images, the tools and best practices involved, and how integrating golden images into CI/CD pipelines can enhance overall security and operational efficiency in DevOps environments.
Shipping Containers with 0 vulnerabilities
Stefan Cristian Radu / Speaker
DevOps Guild Lead
Raiffeisen Bank
Raiffeisen Bank
Hello there! With over 7 years of experience in DevOps and automation, I am committed to enhancing security and streamlining processes through the integration of DevOps, Cloud, and Security practices. I believe that staying ahead of potential threats is crucial for any organization, and I'm dedicated to ensuring that our clients' systems are as secure as possible. I specialize in CI/CD pipelines and automation, and I enjoy improving deployment speed and reliability. In short, I'm eager to apply my knowledge and skills to help organizations achieve their goals, whether it's by improving their workflows, enhancing their security, or implementing new technologies.