Christian Dupuis
-
The Supply Chain Paradox: When “Hardened” Images Become a Vendor Lock-in Trap
Explore the paradox of hardened container images—strong security gains but hidden vendor lock-in risks. Learn how to harden without losing control.
Read now
-
Remocal and Minimum Viable Models: Why Right-Sized Models Beat API Overkill
Cut costs, reduce latency, and build faster with right-sized AI. Learn why Remocal and Minimum Viable Models are the future of practical AI development.
Read now
-
Everyone’s a Snowflake: Designing Hardened Image Processes for the Real World
Why flexible hardened images drive real security. Learn how platform teams can balance security, usability, and developer happiness at scale.
Read now
-
Hard Questions: What You Should Really Be Asking Your Hardened Image Provider Before You Press the Buy Button
Not all hardened images are secure. Ask these 15+ critical questions to evaluate providers’ patching, flexibility, transparency, and CI/CD compatibility
Read now
-
Security Advisory: High Severity OpenSSL Vulnerabilities
UPDATE: The OpenSSL Project has officially disclosed two high-severity vulnerabilities: CVE-2022-3602 and CVE-2022-3786. These CVEs impact all OpenSSL versions after 3.0. The sole exception is version 3.0.7, which contains fixes for those latest vulnerabilities. Previously, these CVEs were thought to be “critical.” Learn more here.
Read now
-
Resolve Vulnerabilities Sooner With Contextual Data
OpenSSL 3.0.7 and “Text4Shell” won’t be the last critical vulnerabilities to plague your development team. Here’s how contextual data, Docker, and Atomist can help you remediate.
Read now
-
Security Advisory: CVE-2022-42889 “Text4Shell”
Learn more about the CVE-2022-42889, aka “Text4Shell” vulnerability in the “Apache Commons Text” Java library — and how Docker Security Scans identify it.
Read now