Episode 415 - Reducing attack surface for less security
Open Source Security Podcast
English - February 12, 2024 00:00 - 31 minutes - 28.5 MB - ★★★★★ - 38 ratingsTechnology cybersecurity open opensource security source Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Episode 414 - The exploited ecosystem of open source
Next Episode: Episode 416 - Thomas Depierre on open source in Europe
Josh and Kurt talk about a blog post explaining how to create a very very small container image. Generally in the world of security less is more, but it's possible to remove too much. A lot of today's security tooling relies on certain things to exist in a container image, if we remove them we could actually result in worse security than leaving it in. It's a weird topic, but probably pretty important.
Show Notes How I reduced the size of my very first published docker image by 40% - A lesson in dockerizing shell scripts Hacker News Discussion Episode 293 – Scoring OpenSSF Security Scoring