BigID Automates Container Security to Reduce Vulnerabilities and Maximize Security Posture

Protecting personal data is more important than ever. See how BigID uses Slim.AI to secure their software from the inside out.
Pieter Van Noordennen
Apr 04, 2023

As consumers and product users, we regularly trust companies with our personal data and information, and we want to continue to be able to do so. Unfortunately, our personal and user data is under constant attack. The U.S. Cybersecurity and Information Security Agency cites research indicating that 47% of Americans have had their personal information exposed by cybercriminals, and consumers worldwide lost $358 and 21 hours on average per year dealing with online crime.

In response to high-profile data breaches and misuse of information, government entities are increasingly addressing the needs of citizens by enacting strict data privacy and protection laws that enterprises must abide by. For example, in Europe, the General Data Protection Regulation (GDPR) now requires that companies have robust processes in place for handling and storing personal information. Another example is found in California, where the California Consumer Privacy Act (CCPA) empowers California residents with certain rights over their data.

As data proliferates and the regulations that govern its collection, storage and use multiply as well, enterprises today are seriously challenged to ensure data security and compliance. Moreover, enterprises need to have visibility into their data and to fully understand the information and decision-making insights that the data can provide. BigID is here to help.

A leader in data security, privacy, compliance, and governance, BigID specializes in enabling organizations to proactively discover, manage, protect, and get more value from their data in a single platform for data visibility and control. Organizations use the BigID Data Intelligence Platform to reduce their data risk, automate security and privacy controls, achieve compliance, and understand their data across their entire data landscape: including multicloud, hybrid cloud, IaaS, PaaS, SaaS, and on-prem data sources.

Companies rely on the BigID application as the foundation of their data security, governance, and compliance, helping them to secure their most critical assets. Needless to say, when companies rely on you in this way, the security of your own platform is paramount. That’s why BigID takes an aggressive, proactive stance on addressing the security of their containerized application. BigID deploys containers to build its application and also to ship its software solution to its customers. It's critical for BigID to ensure its containers are vulnerability-free, hardened for production, and transparent to end users, with information available about their security, composition, and contents. For BigID, having visibility into the composition and health of their containers is a must. That’s why they partnered with Slim.AI.

“The core of our application is containers, so our developers needed to know and understand containers that make up our application,” explained Gal Malachi, Director of Software Engineering at BigID. “We needed to reduce useless code being shipped to production, and we needed to reduce the number of vulnerabilities in the containers that were used to build our app. Slim.AI offered to help us with that.”

In a design partnership with Slim.AI, BigID set out to address these five questions:

  1. How do we get to “zero vulnerabilities”?
  2. How do we raise potential risks around customer-deployed containers?
  3. Where can we automate vulnerability remediation?
  4. How can we be more transparent to our customers?
  5. How can we reduce the likelihood of future exploits?

“We were thrilled with the initial results Slim.AI provided for our application containers,” said Malachi. “The concept of cutting our vulnerability findings in half with a single click is transformational. Right off the bat we saw our container’s attack surface reduced by more than 60 percent. This is particularly valuable when we implement Slim.AI’s continuous and automated approach to supply chain threat reduction. It ultimately makes our job of securing our software easier and validates for our customers that BigID takes security seriously, even in our development process.”

Now, with over 400 containers running with Slim.AI, BigID uses the integration to run automatic security checks in its CI/CD pipeline.

“Security is part of our cultural mindset at BigID,” said Malachi. “We believe security should be a part of every step of the development lifecycle—from the IDE of the developer to the testing frame, CI/CD, and deployment pipelines, with checkpoints at every step of the development lifecycle.

“We have a lot of tools across the entire supply chain, and that can leave lots of opportunities for vulnerabilities to sneak in,” continued Malachi. “Plus, some of our standard monitoring tools produce a lot of noise, particularly about vulnerabilities that aren’t exploitable. Slim.AI helps us remove the noise and focus on the vulnerabilities that actually matter to the code. This simplifies reports and the process of handling the vulnerabilities that do matter.”

With Slim.AI, BigID has automatically reduced its container attack surfaces by more than 50% before any direct patching or compensating controls are even used. Moreover, Slim.AI’s vulnerability reduction and reporting have encouraged some of BigID’s enterprise clients to adopt newer versions of the BigID solution faster. Finally, BigID has seen an increase in developer velocity, because automating these security measures has given developers time to build new technology instead of mitigating risks.

“Being proactive about software security is essential; security cannot be an afterthought,” said Malachi. “By using the Slim.AI platform to automate the process of shipping slim, secure containers to production, we are securing our software from the inside out, saving developer time and toil in the process. Ultimately, Slim.AI is helping us deliver a safer, more performant product upon which our customers can rely to protect and understand their own data.”


Feel free to drop your questions in our Discord (https://discord.com/invite/BmT5hRrZp6) or dive into the Slim Platform (https://portal.slim.dev/home) and try it for yourself! We'd love to hear your feedback.
