> ## Documentation Index > Fetch the complete documentation index at: https://docs.minimus.io/llms.txt > Use this file to discover all available pages before exploring further. # Trust Center > Minimus commitments on service availability, vulnerability remediation, certifications, and data confidentiality Trust is at the heart of security. Minimus is committed to upholding your trust. Following are our promises to you. ## Service availability Minimus maintains a service availability target of 99.9% uptime. You can see real time and historical availability on our [status page](https://docs.minimus.io/status). ## Vulnerability remediation policy Minimus commits to vulnerability patching within set timeframes, excluding only rare and extraordinary exceptions. **CISA KEV Active Exploits** * Any active exploit vulnerability affecting a Minimus image will be remediated within 1 calendar day from the time a new release is available from the upstream project that fixes the vulnerability. An active exploit is a vulnerability listed in the CISA Known Exploited Vulnerabilities Catalog. [See how Minimus clearly marks active exploits in image cards and advisories](/remediate/threat-intel) **SLAs set by vulnerability severity** * A critical or high severity vulnerability will be remediated within 2 calendar days from the time a new release is available from the upstream project that fixes the vulnerability. * All other vulnerabilities (Medium, and Low severity) will be remediated within 14 calendar days from the date a new release is available from the upstream project that fixes the vulnerability. The above targets are provided under the applicable Minimus Vulnerability Remediation Policy. [**Contact us for further information**](https://support.minimus.io/support/home) See also our [supplementary remediation policies](/remediate/policies/remediation-policy) and [cherry picking policy](/remediate/policies/cherry-pick-patches) ## New version SLA New upstream version releases are incorporated into Minimus images within **7 calendar days** of their original release. This timeline may be extended when significant upstream defects, breaking changes, or exceptional conditions necessitate additional validation. This target is provided under the applicable Minimus Policy. [**Contact us for further information**](https://support.minimus.io/support/home) ## Certification Minimus has secured [SOC 2](https://www.aicpa-cima.com/topic/audit-assurance/audit-and-assurance-greater-than-soc-2) and [ISO 27001](https://www.iso.org/standard/27001) certification. * SOC 2® accreditation is SOC for Service Organizations: Trust Services Criteria. * ISO/IEC 27001 is the golden standard for information security management systems (ISMS). The accreditation covers information security, cybersecurity and privacy protection. ## Data confidentiality and segregation Minimus is committed to data confidentiality. Your Minimus account resides on a private tenant to ensure data isolation and to prevent any data leakage. No information is collected beyond the image pull count metrics which are presented in the UI in the [subscription](/introduction/subscription) and [image card](/foundations/image-card) pages. ## Requesting new images Contact us to request a new type of image or to inquire about altering the packages in an existing image.