We’re incredibly excited to announce general availability of Minimus, an application security platform that fundamentally resets how organizations approach vulnerability management.
If you're a security professional or CISO, you already know the challenge: vulnerability remediation is a never-ending treadmill. Developers spend hours triaging hundreds—even thousands—of vulnerabilities in container images, but can only remediate a select few - around 10% on average. This leaves you exposed with persistent security risks in your environment.
Traditional solutions have invested in faster, better ways to tell you what vulnerabilities you have - but the hard work of triaging, prioritizing, and fixing them has been left to you.
Minimus changes the game entirely. Here’s how:
Minimus images are distroless containers built from the ground up for security. They run our secure operating system, MinimOS and contain only the necessary components to run your applications - eliminating unnecessary layers. Not only does this reduce size and simplify your development workflows and dependency chains, but Minimus images simply don’t have 95% of the CVEs that container images from sources like DockerHub contain. This massive reduction in risk also simplifies and accelerates compliance efforts and frees up developer time for more valuable efforts.
The best part? It’s easy to switch to Minimus; typically this just requires a single change in your manifest or deployment configuration to see the benefits of Minimus’ secure images.
While Minimus significantly reduces risk by providing secure images, remaining CVEs can be effectively prioritized for remediation with Minimus’ integrated threat intelligence. Minimus combines data from the Exploit Prediction Scoring System (EPSS), CISA Known Exploited Vulnerabilities (KEV) and our own security research efforts to pinpoint high-risk CVEs. Advisories are issued for newly identified CVEs impacting Minimus images, which can trigger automated actions within the platform. This integration of prioritization enables teams to focus on remediating vulnerabilities with the highest likelihood of exploitation.
Minimus is a security platform designed with developer experience in the forefront. Getting started with a Minimus image is as easy as changing a single line in your manifest. . The platform offers a SaaS management console and flexible registry deployment, including support for airgapped environments. Threat insights and advisories can be linked to automated actions, such as alerts and updates. Integrations with ticketing systems, chat platforms, and development tools are supported for workflow integration.
Minimus offers a new methodology for application security, focused on building secure-by-default applications. This approach aims to reduce the time and effort spent on vulnerability detection, triage, and remediation. By addressing vulnerabilities at the foundational level, Minimus radically reduces risk and gives your most precious resource - time.
Interested in learning more or seeing Minimus in action? Visit us at RSAC 2025, Booth 360 in the South Expo Hall, or get started for free today.
