Join DaShaun Carter and Cat Edelveis for a live breakdown of the 2025 State of Container Security survey, where we’ll uncover the surprising (and sometimes uncomfortable) truths revealed at Devoxx 2025. We’re moving past the marketing hype to look at what’s actually happening in the trenches—from the security gaps that teams are quietly struggling to close to the shifting strategies that high-performing orgs are using to stay ahead. If you’ve ever wondered how your container practices truly stack up against the rest of the industry, you won’t want to miss these exclusive insights.

Coffee + Software

A live discussion between two developer advocates covering findings from a 2025 container security survey of 400+ DevOps and Java professionals. Key findings: security is now the top priority when choosing base container images, yet 69% of respondents use JDKs with known CVEs, only 18% generate a software bill of materials, and 40% still include package managers or curl in production images. The conversation covers base image choices (Alpine leads at 41%), JDK distributions, the risks of outdated OpenJDK images, update frequency gaps, and the security implications of bloated container images. Native images, CRaC, and Alpakita Linux (Bellsoft's musl-optimized distro for Java workloads) are also discussed as paths toward better performance and security.

Is Your Container Security Strategy Setting You Up for Failure? #coffeesoftware