The Sched app allows you to build your schedule but is not a substitute for your event registration. You must be registered for KubeCon + CloudNativeCon Europe 2025 to participate in the sessions. If you have not registered but would like to join us, please go to the event registration page to purchase a registration.
Please note: This schedule is automatically displayed in British Summer Time (BST) (UTC +1). To see the schedule in your preferred timezone, please select from the drop-down menu to the right, above "Filter by Date." The schedule is subject to change and session seating is available on a first-come, first-served basis.
Answering the question “How secure are your container images?” should be far more science and far less art. Now, it can be. Chainguard have developed Container Hardening Priorities (CHPs), a standard for assessing the security of container images.
Inspired by SLSA, CHPs is a set of criteria for classifying container images to security """"levels"""". Higher levels are progressively harder to achieve. The criteria are split into 4 areas:
Minimalism; reducing the complexity and attack surface of a container Provenance; proving the origins of a container and the software inside it Configuration and metadata; which settings to configure on images CVEs; reducing the number of known vulnerabilities in images
The criteria ranges from straightforward checks such as not running as root, to more complex advice around ensuring provenance. The criteria are largely independent, allowing teams to focus on the areas most important for their use case. In this demo, you’ll see hands-on examples of how the criteria can be applied to various container images.
Come to this demo, learn how to assess the security standing of your images, and finally have a comprehensive and straightforward way to answer: “How secure are your container images?"
