This interview was recorded for GOTO State of the Art in November 2025.https://gotopia.techRead the full transcription of this interview here:https://gotopia.tech/articles/425Adrian Mouat - Developer Relations at Chainguard & Author of 'Using Docker'Charles Humble - Freelance Techie, Podcaster, Editor, Author & ConsultantRESOURCESAdrianhttps://bsky.app/profile/adrianmouat.comhttps://twitter.com/adrianmouathttps://github.com/amouathttps://linkedin.com/in/adrianmouathttp://www.adrianmouat.comCharleshttps://bsky.app/profile/charleshumble.bsky.socialhttps://linkedin.com/in/charleshumblehttps://mastodon.social/@charleshumblehttps://conissaunce.comLinkshttps://images.chainguard.devhttps://www.cisa.gov/sbomhttps://www.chainguard.dev/supply-chain-security-101/the-npm-registry-cant-protect-you-the-new-javascript-supply-chain-attackshttps://oxide-and-friends.transistor.fm/episodes/discovering-the-xz-backdoor-with-andres-freundhttps://edu.chainguard.devDESCRIPTIONIn this State of the Art episode, Charles Humble speaks with Adrian Mouat, Developer Relations at Chainguard and author of "Using Docker", about the evolution of container security and the persistent challenge of outdated packages.Adrian explains how traditional Linux distributions weren't designed for the immutable, frequently-replaced nature of containers, leading to security vulnerabilities that scanners detect but teams struggle to address. He discusses how Chainguard tackles this problem by building everything from source using Wolfi, creating minimal "distroless" images with near-zero CVEs, and how concepts like SBOMs, attestations, and defense in depth are reshaping security practices.The conversation also covers major security incidents including the XZ Utils backdoor and Shai-hulud attacks, emphasizing the importance of building from source, using short-lived credentials, and replacing rather than updating containers – practices pioneered by companies like Google that are gradually spreading across the industry.RECOMMENDED BOOKSAdrian Mouat • Using Docker • https://amzn.to/3PEYIJLLiz Rice • Container Security • https://amzn.to/3oU4iJeLiz Rice • Kubernetes Security • https://www.oreilly.com/library/view/kubernetes-security/9781492039075BlueskyInstagramLinkedInFacebookCHANNEL MEMBERSHIP BONUSJoin this channel to get early access to videos & other perks:https://www.youtube.com/channel/UCs_tLP3AiwYKwdUHpltJPuA/joinLooking for a unique learning experience?Attend the next GOTO conference near you! Get your ticket: gotopia.techSUBSCRIBE TO OUR YOUTUBE CHANNEL - new videos posted daily!