Beyond Zero: Eliminating Vulnerabilities in PyTorch Container Images (PyTorch 2024)
Video and transcript of presentation at PyTorch 2024 on eliminating CVEs in the PyTorch image, drawing on best practices …
10 min read
AI with Hardened Container Images
Learning Lab for July 2025 on securing AI workloads with hardened container images
2 min read
The July 2025 Learning Lab with Patrick Smyth covers AI with Hardened Container Images. In this session, learn how to secure AI workloads by reducing vulnerabilities in container images by over 90%. Patrick demonstrates hands-on techniques for training an animal detection model using PyTorch with hardened container images, creating minimal and secure deployments, and running AI frameworks with zero CVEs.
Sections
- 0:00 Introduction and updates
- 2:02 Preparation: Docker pull instructions for demo
- 3:39 Chainguard! Who are we?
- 4:34 CVE system fundamentals
- 6:48 “Boss assigned me to fix Ubuntu” problem
- 7:41 Introduction to Chainguard Containers
- 8:54 Zero CVE containers: Real results and comparisons
- 11:10 How we achieve zero CVEs: Minimal, Fresh, Advisory, Patch
- 13:24 AI container challenges: Size and complexity
- 14:59 PyTorch container analysis: CVEs, packages, and executables
- 16:21 Demo introduction: Image classification with PyTorch
- 17:59 Demo walkthrough and repository overview
- 19:28 Demo: Running the training command
- 22:01 Demo: Downloading test image and running inference
- 23:20 Recent developments in Chainguard AI containers
- 25:09 Other AI containers: TensorFlow, KServe, Triton backends
- 26:46 Q&A
- 35:18 Chainguard AI course and additional resources
Demo
In the demo, Patrick trains and runs inference on an image classification model using PyTorch and Chainguard’s hardened container image. The model classifies images of octopuses, whales, and penguins, demonstrating how to work with AI workloads securely.
Demo Repository: PyTorch Getting Started
Training the Model
First, create a directory for the project and download the necessary files:
mkdir -p ~/image_classification && cd ~/image_classification && \
curl https://codeload.github.com/chainguard-dev/pytorch-getting-started/tar.gz/main | \
tar -xz --strip=1 pytorch-getting-started-main/Then run the training script inside a Chainguard PyTorch container:
docker run --user root --rm -it \
--platform linux/amd64 \
-v "$PWD/:/home/nonroot/octopus-detector" \
cgr.dev/chainguard/pytorch:latest \
"/home/nonroot/octopus-detector/image_classification.py"This command generates a model file named octopus_whale_penguin_model.pt.
Running Inference
To test the trained model, first download a test image:
curl https://raw.githubusercontent.com/chainguard-dev/pytorch-getting-started/main/inference-images/octopus.jpg > ~/image_classification/octopus.jpgThen run the classification:
cd ~/image_classification && \
docker run --user root --rm -it \
--platform linux/amd64 \
-v "$PWD:/home/nonroot/octopus-detector" \
cgr.dev/chainguard/pytorch:latest \
"/home/nonroot/octopus-detector/image_classification.py" \
"/home/nonroot/octopus-detector/octopus.jpg"The demo showcases how Chainguard’s hardened PyTorch image provides the same functionality as traditional images while eliminating vulnerabilities and reducing the attack surface.
Resources
- Slide deck
- Demo repository
- Chainguard AI/ML Supply Chain Security Course
- Getting Started with the PyTorch Chainguard Container
- PyTorch Container Overview
- Beyond Zero: Eliminating Vulnerabilities in PyTorch Container Images (PyTorch 2024)
Last updated: 2025-07-25 12:30