Skip to main content
With Minimus images drastically reducing the number of vulnerabilities to deal with, your risk and the effort required to mitigate it is also drastically reduced. Minimus images offer a comprehensive solution for optimizing the security of your images. With Minimus, you’ll have the means to keep your stack almost entirely free of vulnerabilities for the long term thanks to the following:
  • Clean Start With Minimus, you’ll start off with a pristine image with few, if any, vulnerabilities. Visit any image in our Minimus Gallery to see the risk reduction comparison data to see the benefit in hard numbers.
  • Lean & Minimal Unnecessary packages and utilities simply aren’t in Minimus images so they have the smallest possible attack surface. Less bulk and less code translate into fewer packages, which in turn means that images accumulate new vulnerabilities at a slower rate. Minimus’ purposeful minimalism translates into an inherent security advantage.
  • Daily Updates Minimus automatically builds every image daily whenever there are packages to update. The complete history of builds is available in the Digest History tab in the image version card. Learn more
Collective industry experience shows that most vulnerabilities in an app originate in the “upstream”. That is, many of the CVEs impacting the typical application are introduced by dependencies, runtimes, and other components they build upon. Historically, the container images available for most apps included many ancillary and supporting components beyond the app itself, expanding your susceptibility to these upstream vulnerabilities. Thus, to actually get ahead on the vulnerability treadmill, you need to both ensure the app itself and all its components are updated while also minimizing unnecessary software in your images.

Mitigating against Vulnerabilities with Minimus

Here’s how vulnerabilities are managed with Minimus:
  • Advisories for Affected & Fixed Images Minimus advisories can be filtered by affected images and available fixed versions. You can use the advisories to prioritize deployment of available fixes and assess the need to implement mitigation strategies and update security controls to contain known vulnerabilities while they await a fix upstream. Learn more
  • Vulnerability Reports for All Versions The version line in the image card show the current vulnerability status for every image version with the ability to drill down for details and jump to the advisory. Learn more
  • Version Line Changelog Every version line has a dedicated view to help you track when fixes were released. Learn more
  • Actions Create actions to trigger webhooks, GitHub Actions, and email and Slack notifications when new image versions or fixes are released. You can fine-tune your actions to trigger only for active or likely exploits or critical severity vulnerability fixes if you prefer. Learn more