DevConf.CZ 2026

Valentin Rothberg

Valentin was a core maintainer of Podman, driving advancements in Edge, HPC, security, and performance. He helped kick off Image Mode for RHEL and bootable containers, and served as Product Owner for Image Mode. He pioneered agentic AI development, ultimately leading to his current role as the architect of Project Hummingbird, a critical supply chain security initiative providing a curated catalog of minimal, hardened, and secure container images built on a modern, automated pipeline.


Company or affiliation:

Red Hat

Job title:

Senior Principal Software Engineer


Session

06-18
09:30
35min
Keynote: How I learned to stop worrying and love CVEs - Hummingbird
Valentin Rothberg, Stef Walter

There’s been a monumental increase in the number of CVEs (vulnerabilities) tracked in Open Source. Nearly 50,000 were identified in the last year. That is 130 a day. This is the latest big shift in how Open Source works; let's discuss where it came from.

Due to the explosion in CVEs, it has become hard for users to determine which of the software they use is actually vulnerable. Many users now have very different expectations: they want distributions that make all of this noise just “go away”. It’s impossible to evaluate this waterfall of CVEs for actual security impact.

Manually backporting all these patches, the way RHEL and other long-term stable distributions do, is becoming untenable. Other approaches are popping up, so let's look at one of them: Hummingbird. It is a large set of minimal containers that are built as close to upstream as possible, and thus have as many fixes for identified vulnerabilities as possible. It is built on a fully automated, large-scale supply chain, with no humans involved until required.

D105 (capacity 300)