Great article. I would like to suggest that the steps to reduce CVEs described here are only some of the possible solutions. I personally discovered distroless containers and Chainguard images to be reducing the CVEs to 0 in most cases without code changes or even complex multi stage builds.
Great article. I would like to suggest that the steps to reduce CVEs described here are only some of the possible solutions. I personally discovered distroless containers and Chainguard images to be reducing the CVEs to 0 in most cases without code changes or even complex multi stage builds.
I wrote an article about it at https://cloudnativeengineer.substack.com/p/shrink-to-secure-kubernetes-and-compact-containers-296b67d9975a