The State of Container Security in 2025

In this episode, we dive deep into the current state of container security and why most organizations are getting it wrong.

Topics Covered

• Container Runtime Vulnerabilities: The latest CVEs and what they actually mean for your infrastructure
• Supply Chain Security: Why scanning your dependencies isn’t enough
• JavaScript Fatigue: Neil’s take on the endless cycle of new frameworks
• Security Theater vs Real Security: Taylor breaks down why compliance doesn’t equal security

Key Takeaways

1. Container security isn’t just about the image - runtime security matters
2. Supply chain attacks are getting more sophisticated
3. Most security tools give you a false sense of security
4. Simple, well-implemented security beats complex security theater

Rants and Hot Takes

• Neil on JavaScript frameworks: “Another week, another framework that solves problems you didn’t know you had”
• Taylor on security compliance: “Passing an audit doesn’t mean you’re secure”
• The team on container orchestration: “Kubernetes isn’t magic - it’s just complexity you have to manage”

Join us for a no-BS discussion about what’s actually broken and what’s actually working in container security.