AI agents can build and ship containers in minutes, but the foundations they rely on often carry significant security risk. A typical Ollama container includes 123 packages, even though only a small subset is required for inference. The remaining packages expand the attack surface. This session examines real exploit scenarios, including CVE-2024-37032, which demonstrates a multi-step path from a simple HTTP request to container takeover, and how removing unnecessary components can break the chain. It also looks at supply chain attacks such as Shai-Hulud, where compromised packages can spread rapidly.

Through concrete examples, SBOM analysis, and exploit walkthroughs, the talk highlights why foundation-first security is critical when AI is generating build artifacts such as Dockerfiles. The focus is on understanding where risks originate and how to reduce exposure at the base layer.

What You Will Learn

• How container attack surfaces expand through unnecessary dependencies and base image choices

• How real exploit chains and supply chain attacks impact AI-generated build artifacts

• Why foundation-first security and SBOM analysis are essential for securing AI-driven development

Who Should Attend

• Security engineers and DevSecOps practitioners

• Platform and infrastructure engineers

• Software developers working with containers

• SREs and cloud engineers

• Teams using AI to generate build and deployment artifacts