Minimus launches Image Creator for custom container images

Baton Rouge, Louisiana-based tech firm Minimus has expanded its platform with the general availability of Image Creator. The release will allow customers to build and manage their own hardened container images while maintaining security and compliance standards.

The new capability aims to help enterprise users tailor container images for specific workloads while leveraging Minimus's integrated security features.

Custom image support

With Image Creator, users can generate bespoke container images that are managed and secured through Minimus software. These user-built images receive full support, including exploit intelligence, signed Software Bill of Materials (SBOMs), and continuous rebuilds sourced directly from upstream project components. The company said these features are designed to help organisations address open source container security, improve compliance processes, and mitigate operational risks linked to insecure images.

Minimus container images have been developed to reduce vulnerabilities for development and security teams. According to the company, these images contain over 97 per cent fewer Common Vulnerabilities and Exposures (CVEs). They are configured by default to align with security industry benchmarks, such as CIS, NIST, FIPS 140-3, and STIG standards. This setup is intended to reduce routine overhead associated with traditional vulnerability management tools.

"The power of Minimus goes far beyond reducing CVEs. By enabling customers to bring their customized images onto the Minimus platform, we're giving them unmatched control and security for their containerized applications," said John Morello, Chief Technology Officer and Co-Founder of Minimus.

Supply chain protections

The company also introduced a private preview of its Supply Chain Protection feature. This tool is targeted at enterprise concerns around the security of open source software supply chains, especially in widely used frameworks such as Node.js and Python.

Supply Chain Protection will enable policy controls based on package origin, maturity, and usage. These measures can be adopted without any modifications to established developer workflows or toolchains, according to Minimus. The feature is intended to provide an additional layer of oversight for open source assets within container environments.

Cloud partnerships and customers

Since its launch, Minimus' container image technology has gained traction in various sectors. In April of this year, the company announced it had raised USD $51 million in seed funding and has showcased the rapid growth of its product offerings.

Thousands of users have adopted the company's hardened container images, which are now integrated with prominent cloud security platforms, including Aqua Security, AWS, Google Cloud, Orca Security, Snyk, Upwind, and Wiz. Through these partnerships, joint customers can access Minimus image metadata directly within existing cloud security interfaces. The company says the purpose is to reduce the burden of alert noise and enhance visibility into the status of containerised workloads running across distributed environments.

Image Creator is now generally accessible for all current Minimus customers.