GIDS news media, articles, insights and virtual events educate and illuminate its audiences so they can be fully prepared to deal with the new realities at work and in their professions.
Get the latest event updates, and insights from today's leading voices.
< session />
Wed, April 22 at 11:00 AM - 11:30 AM GMT+5:30OpsTech BackEndDeepTech
AI agents can build and ship containers in minutes, but the foundations they rely on often carry significant security risk. A typical Ollama container includes 123 packages, even though only a small subset is required for inference. The remaining packages expand the attack surface. This session examines real exploit scenarios, including CVE-2024-37032, which demonstrates a multi-step path from a simple HTTP request to container takeover, and how removing unnecessary components can break the chain. It also looks at supply chain attacks such as Shai-Hulud, where compromised packages can spread rapidly.
Through concrete examples, SBOM analysis, and exploit walkthroughs, the talk highlights why foundation-first security is critical when AI is generating build artifacts such as Dockerfiles. The focus is on understanding where risks originate and how to reduce exposure at the base layer.
What You Will Learn
How container attack surfaces expand through unnecessary dependencies and base image choices
How real exploit chains and supply chain attacks impact AI-generated build artifacts
Why foundation-first security and SBOM analysis are essential for securing AI-driven development
Who Should Attend
Security engineers and DevSecOps practitioners
Platform and infrastructure engineers
Software developers working with containers
SREs and cloud engineers
Teams using AI to generate build and deployment artifacts
< speaker_info />
Biswajit De is the Co-Founder and Chief Technology Officer of CleanStart, where he leads the company’s technical vision and product strategy for securing modern software supply chains and cloud-native environments. With more than 17 years of experience in cybersecurity and platform engineering, Biswajit has led the development of innovative security platforms and foundational systems across product engineering, security operations, and large-scale enterprise infrastructure.
At CleanStart, Biswajit drives innovation at the intersection of DevSecOps, cloud security, and secure CI/CD, with a strong focus on building secure-by-design and verifiable-by-design foundations. He is recognized for driving the creation of innovative products and scaling high-performing engineering teams, while translating security strategy into practical, engineer-friendly implementations that embed security directly into developer workflows and enable organizations to move faster with greater resilience and trust.
