OWASP Tampa Chapter 2026 June Lunch n' Learn
Details
Welcome to our OWASP Tampa 2026 February Lunch and Learn!
We invite you to join us and members of our local Tampa Bay community to hear from industry experts in cybersecurity. This lunch and learn will bring topics that influence discussion among your peers and provide a venue to meet others that share your passions.
Agenda:
- 11:15am - Registration and Lunch
- 12:00pm - Speaker - Mello - Cisco Security
- 1:00pm - Depart
Title:
Distroless Containers: Less OS, Less Risk
Speaker:
Mello - a Greater Tampa Bay security architect and self-described cigar smoking security greybeard with 35 years of experience securing SaaS, cloud, and application platforms. He has spent his career helping teams turn security requirements into practical engineering patterns, from infrastructure hardening to application security and compliance. Mello has multiple certifications, is a published author and speaker, and a named inventor on a security-related patent.
Abstract:
Container images often ship with way more packages and software than an application actually needs: shells, package managers, debugging tools, and libraries that increase vulnerability noise and give attackers useful post-exploitation tooling. Distroless containers take a different approach by packaging only the application, its runtime, and the minimum required dependencies.
This talk will explain how distroless images reduce security exposure, where they fit into modern container hardening guidance, and what tradeoffs teams should expect when adopting them. We’ll compare traditional base images with distroless alternatives, discuss why removing shells and unused software matters, and connect the topic to recent Linux privilege-escalation and container escape concerns such as Copy Fail and Dirty Frag.
Attendees will leave with a practical understanding of how to improve the security posture of their container environments along with samples they can use after the talk. The goal is not to claim distroless is magic, but to show how it meaningfully reduces attacker convenience and operational attack surface when combined with good container security hygiene.
Location:
GuidePoint Security
3030 N Rocky Point Dr W
STE 600
Tampa, FL 33607
Sponsors:
Cisco Security