OSI Sponsor: Why OSI, Slim.AI

This week, we’re pleased to spotlight another OSI sponsor, Slim.AI, and learn why Open Source is important to their organization.

Slim.AI helps developers create, build, deploy and run their cloud-native applications more efficiently and securely. The unique approach used by Slim.AI moves the focus on container optimization upstream in the DevOps lifecycle, giving developers the tools they need to author, manage and ship production-ready containers efficiently and effectively.

We asked our sponsors at Slim.AI to share the organization’s intrinsic ties to Open Source, its reasons for supporting the Open Source Initiative, and its hopes for the open source movement. Here’s what they said:

DockerSlim is an open source tool for developers to simplify and optimize the developer experience with containers by making containers smaller and more secure. It was created by Kyle Quest as an open source project in 2016 during Docker Global Hack Days. Subsequently, Slim.AI was launched in 2020 to give developers more container analysis and container optimization capabilities, with DockerSlim as the core technology underpinning it. So, it’s not surprising that we at Slim.AI believe in the importance of showing support for the concept and definition of open source software and in giving back to the community.

The mission of Slim.AI is to help developers build secure containers faster through container optimization and management. Today, container best practices are leveraged through a SaaS platform that gives developers the ability to understand what’s in their containers and reduce the container’s attack surface. Since launching, several open source projects have used Slim.AI to better understand what’s in the containers they’re shipping to production, and more companies each day are using Slim.AI to leverage Open Source in their infrastructure.

Open source projects often deliver their software in the form of containers, but those containers can sometimes create a barrier to sharing and understanding what’s in the software. Slim.AI’s tools can be used alongside vulnerability scanners and SBOM generators to create a holistic view of the software supply chain, and Slim.AI’s optimization capabilities can make sure teams ship only what they need to production. Slim.AI’s current container profiles give information about the containers’ file system, metadata, attack surface, and history. This means less risk of shipping unneeded software — software that may contain vulnerabilities or compliance issues.

Supporting OSI also helps developers

We know that running open source projects isn’t easy, and supporting organizations like OSI helps developers everywhere continue to contribute to their favorite open source projects. We became a member of OSI and have sponsored OSI’s licensing API that makes it easy to check if licenses are approved by OSI. As a developer-first organization, this is one way we can help improve the developer experience.

The work OSI is doing here directly relates to our core value of “Know Your Software” and we want to support that work however we can. Slim.AI is eager to incorporate the new API in the suite of container analysis tools once it’s available. It’s a natural alignment with our values of helping developers know what’s in their containers.

Slim.AI is seeking to democratize information about containers and make it easy for developers to know what’s in their software. We invite and encourage developers to use and contribute to the DockerSlim open source project, and get a free account to the Slim.AI Saas Platform via our website. Additional free services to help developers better know and secure their containers are scheduled to launch later this year.