Goodpods logo
Goodpods

Log in

goodpods headphones icon

To access all our features

Open the Goodpods app
Close icon
The New Stack Podcast - Container Security and AI: A Talk with Chainguard's Founder

Container Security and AI: A Talk with Chainguard's Founder

04/22/25 • 20 min

The New Stack Podcast

In this episode of The New Stack Makers, recorded at KubeCon + CloudNativeCon Europe, Alex Williams speaks with Ville Aikas, Chainguard founder and early Kubernetes contributor. They reflect on the evolution of container security, particularly how early assumptions—like trusting that users would validate container images—proved problematic. Aikas recalls the lack of secure defaults, such as allowing containers to run as root, stemming from the team’s internal Google perspective, which led to unrealistic expectations about external security practices.

The Kubernetes community has since made strides with governance policies, secure defaults, and standard practices like avoiding long-lived credentials and supporting federated authentication. Aikas founded Chainguard to address the need for trusted, minimal, and verifiable container images—offering zero-CVE images, transparent toolchains, and full SBOMs. This security-first philosophy now extends to virtual machines and Java dependencies via Chainguard Libraries.

The discussion also highlights the rising concerns around AI/ML security in Kubernetes, including complex model dependencies, GPU integrations, and potential attack vectors—prompting Chainguard’s move toward locked-down AI images.

Learn more from The New Stack about Container Security and AI

Chainguard Takes Aim At Vulnerable Java Libraries

Clean Container Images: A Supply Chain Security Revolution

Revolutionizing Offensive Security: A New Era With Agentic AI

Join our community of newsletter subscribers to stay on top of the news and at the top of your game.

plus icon
bookmark

In this episode of The New Stack Makers, recorded at KubeCon + CloudNativeCon Europe, Alex Williams speaks with Ville Aikas, Chainguard founder and early Kubernetes contributor. They reflect on the evolution of container security, particularly how early assumptions—like trusting that users would validate container images—proved problematic. Aikas recalls the lack of secure defaults, such as allowing containers to run as root, stemming from the team’s internal Google perspective, which led to unrealistic expectations about external security practices.

The Kubernetes community has since made strides with governance policies, secure defaults, and standard practices like avoiding long-lived credentials and supporting federated authentication. Aikas founded Chainguard to address the need for trusted, minimal, and verifiable container images—offering zero-CVE images, transparent toolchains, and full SBOMs. This security-first philosophy now extends to virtual machines and Java dependencies via Chainguard Libraries.

The discussion also highlights the rising concerns around AI/ML security in Kubernetes, including complex model dependencies, GPU integrations, and potential attack vectors—prompting Chainguard’s move toward locked-down AI images.

Learn more from The New Stack about Container Security and AI

Chainguard Takes Aim At Vulnerable Java Libraries

Clean Container Images: A Supply Chain Security Revolution

Revolutionizing Offensive Security: A New Era With Agentic AI

Join our community of newsletter subscribers to stay on top of the news and at the top of your game.

Previous Episode

undefined - Kelsey Hightower, AWS's Eswar Bala on Open Source's Evolution

Kelsey Hightower, AWS's Eswar Bala on Open Source's Evolution

In a candid episode of The New Stack Makers, Kubernetes pioneer Kelsey Hightower and AWS’s Eswar Bala explored the evolving relationship between enterprise cloud providers and open source software at KubeCon+CloudNativeCon London. Hightower highlighted open source's origins as a grassroots movement challenging big vendors, and shared how it gave people—especially those without traditional tech credentials—a way into the industry. Recalling his own journey, Hightower emphasized that open source empowered individuals through contribution over credentials.

Bala traced the early development of Kubernetes and his own transition from building container orchestration systems to launching AWS’s Elastic Kubernetes Service (EKS), driven by growing customer demand. The discussion, recorded at KubeCon + CloudNativeCon Europe, touched on how open source is now central to enterprise cloud strategies, with AWS not only contributing but creating projects like Karpenter, Cedar, and Kro.

Both speakers agreed that open source's collaborative model—where companies build in public and customers drive innovation—has reshaped the cloud ecosystem, turning former tensions into partnerships built on community-driven progress.

Learn more from The New Stack about the relationship between enterprise cloud providers and open source software:

The Metamorphosis of Open Source: An Industry in Transition

The Complex Relationship Between Cloud Providers and Open Source

How Open Source Has Turned the Tables on Enterprise Software

Join our community of newsletter subscribers to stay on top of the news and at the top of your game.

Next Episode

undefined - How Heroku Is ‘Re-Platforming’ Its Platform

How Heroku Is ‘Re-Platforming’ Its Platform

Heroku has been undergoing a major transformation, re-platforming its entire Platform as a Service (PaaS) offering over the past year and a half. This ambitious effort, dubbed “Fir,” will soon reach general availability. According to Betty Junod, CMO and SVP at Heroku (owned by Salesforce), the overhaul includes a shift to Kubernetes and OCI standards, reinforcing Heroku’s commitment to open source.

The platform now features Heroku Cloud Native Buildpacks, which let developers create container images without Dockerfiles. Originally built on Ruby on Rails and predating Docker and AWS, Heroku now supports eight programming languages. The company has also deepened its open source engagement by becoming a platinum member of the Cloud Native Computing Foundation (CNCF), contributing to projects like OpenTelemetry. Additionally, Heroku has open sourced its Twelve-Factor Apps methodology, inviting the community to help modernize it to address evolving needs such as secrets management and workload identity. This signals a broader effort to align Heroku’s future with the cloud native ecosystem.

Learn more from The New Stack about Heroku's approach to Platform-as-a-Service:

Return to PaaS: Building the Platform of Our Dreams

Heroku Moved Twelve-Factor Apps to Open Source. What’s Next?

How Heroku Is Positioned To Help Ops Engineers in the GenAI Era

Join our community of newsletter subscribers to stay on top of the news and at the top of your game.

If you like this episode you’ll love
ITSPmagazine Podcasts

ITSPmagazine Podcasts

Joomla Beat Podcast | Web design, development, online marketing, social media & website management

Joomla Beat Podcast | Web design, development, online marketing, social media & website management

Design Life

Design Life

The Why And The What – Product Management Podcast

The Why And The What – Product Management Podcast

Sunday Sitdown with Willie Geist

Sunday Sitdown with Willie Geist

Episode Comments

Generate a badge

Get a badge for your website that links back to this episode

Select type & size
Open dropdown icon
share badge image

<a href="https://goodpods.com/podcasts/the-new-stack-podcast-389222/container-security-and-ai-a-talk-with-chainguards-founder-89802187"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to container security and ai: a talk with chainguard's founder on goodpods" style="width: 225px" /> </a>

Copy