Trust is at the heart of security. Whether you are on the free tier or are a paying customer, Minimus is committed to upholding your trust. Following are our promises to you.

Service availability

Minimus maintains a service availability target of 99.9% uptime.

Image update SLA

Minimus is committed to patching CVEs in its images within the following estimated timeframes:

  • A critical severity vulnerability will be remediated within 7 calendar days from the date a new release is available from the upstream project that fixes the vulnerability.
  • All other vulnerabilities (High, Medium, and Low severity) will be remediated within 14 calendar days from the date a new release is available from the upstream project that fixes the vulnerability.

In the event of high-profile CVEs that impact low-level, widely used packages, Minimus will take commercially reasonable efforts to rebuild all images promptly.

Certification

Minimus has secured SOC 2 and ISO 27001 certification.

  • SOC 2® accreditation is SOC for Service Organizations: Trust Services Criteria.
  • ISO/IEC 27001 is the golden standard for information security management systems (ISMS). The accreditation covers information security, cybersecurity and privacy protection.

Data privacy

Minimus respects your privacy and fully protects all information about which images you pulled and when. Your Minimus account is completely separate and private to prevent any data leakage. No information is collected beyond the pull count, which is shown to the user.

Requesting new images

Contact us to request a new type of image or to inquire about altering the packages in an existing image.