State of the Art of Container Security • Adrian Mouat & Charles Humble • GOTO 2026

Adrian Mouat from Chainguard discusses the evolution of container security, highlighting the flaws of traditional Linux distributions for modern container workflows. He explains how Chainguard's approach of building minimal, 'distroless' images from source using Wolfi addresses the noise from vulnerability scanners, and delves into the importance of SBOMs, attestations, and a 'defense in depth' strategy, contextualized by recent major security incidents like the XZ Utils backdoor and Shai-hulud attacks.