Slim.AI has added new capabilities to its Continuous Software Supply Chain Security Solution to help software producers find and continuously remove vulnerabilities, harden container images and reduce container attack surface. The company said that data intelligence platform BigID has begun leveraging Slim.AI’s solution to minimize vulnerabilities in the containers it provides to its customers.
BigID is leveraging the latest tools from Slim.AI to both identify and mitigate vulnerabilities. The two new features—Automated Container Optimization and Multi-Scanner Vulnerability Reports—help BigID stay on top of the vulnerabilities uncovered by third-party vulnerability scanners and then automatically optimize their containers to make them as safe as possible by removing unused code, binaries and files before shipping them to production.
Slim.AI is best known for their container optimization capabilities, stemming from the popularity of their long-standing open source project, DockerSlim. Slim.AI’s new “Continuous Supply Chain Security Solution” adds more security features, tooling, and a better developer experience with a focus on teams and organizations use cases.
With their latest release, Slim.AI adds Multi-Scanner Vulnerability Reporting that allows users of the platform to scan containers, slim them to remove unnecessary components, then scan them again to document for downstream consumers the volume of threats that have been removed.
This system provides documentation of vulnerability removal as well as helping developers focus on removing the far-smaller set of threats that remain before pushing code to production. The feature also allows sharing of this information with all downstream partners to assure full transparency.