We did it at KubeCon NA - Now weβre bringing it back!
Get ready for the Minimus Double DART Challenge at RSAC and KubeCon EU 2026!
The highest individual score across both events wins a custom Mini Cooper π
So the question is simple: Will RSA or KubeCon have better aim?
#KubeConEU #RSAC
π€ Looking for something fun to add to your #RSAC schedule?
Join us for Secure the Mic, an invite-only karaoke night. No pitches (just vocal ones). No presentations (except your best power ballad). Just good music and good company:
buff.ly/XKSy4lJ
CVEs are inevitable. Slow remediation doesnβt have to be. In this post, we show how Minimus detected a Go vulnerability (CVE-2025-22872), updated the vulnerable module, rebuilt the package, and published a new image, all in under 12 hours:
π Big news heading into RSAC! Minimus is proud to be named a finalist for Best Application Security Solution in the 2026 SC Trust Awards: buff.ly/9wZhEdc
Looking forward to seeing everyone at RSAC Conference when the winners are announced!
#SCAwards2026 #RSAC2026
π― Start practicing your aim, #KubeConEU and #RSAC
π Two conferences. ποΈπ One Mini (Cooper) Prize.
See you at there!
π A package update. A vulnerability fix. Full advisory history.
Minimus' detailed changelogs let you drill into exactly what changed, what was impacted, and whether you want to pull the update. Thatβs how agile security should work.
Minimal images reduce more than vulnerabilities. They reduce storage, transfer costs, CI/CD time, and operational overhead across every environment. This post breaks down the additional benefits:
SCALE 23x is almost here and weβre excited to sponsor this incredible community event.
Workshops, real conversations, and practical sessions across open source, security, and cloud native.
π March 5β8 in Pasadena.
Register for the event here: buff.ly/QvbOjO6
Zero Trust doesnβt start at runtime. It starts with what you build and ship. π οΈ π’
This guide breaks down how hardened, minimal container images help operationalize Zero Trust across the software supply chain, from verified source to runtime enforcement:
As adoption grows, the security of the containers running AI agents is often overlooked. Popular OpenClaw images currently ship with thousands of known vulnerabilities.
We built a hardened minimal alternative with 99% fewer CVEs. Same functionality. Free for the community:
buff.ly/ETat0FE
Catch John Morello on Somainiβs Trust Issues ποΈ
He and Justin Somaini cover everything from John's early days at Microsoft, to practical security lessons, to how Minimus is rethinking the way security should work: buff.ly/dVI4Mgd
Granular access control is essential as container security programs scale. This post breaks down how Minimus RBAC helps teams apply least-privilege access, streamline user management, and maintain clear audit trails across environments:
Most OpenClaw container images have 1000-2000+ known vulnerabilities. Thatβs a big deal if youβre running an AI assistant with access to your messages, files, API keys, and system.
We built a free-to-use Minimus OpenClaw image with the same functionality and 99% fewer CVEs: buff.ly/jkdauGS
Hardening doesnβt stop at the base image. This post explores what application-level hardening involves and how Minimus delivers it alongside built-in compliance and validation:
Teams often need the same certificates or config files across multiple images. Instead of rebuilding that logic repeatedly, file bundling in Minimus allows you to manage those files centrally and include them automatically in private builds.
Learn more: buff.ly/8pXeEiO
Version tags alone donβt tell you what actually changed inside an image. Our detailed changelog shows package updates, vulnerability fixes, and advisories across versions, so teams can review and adopt updates with confidence.
Learn more: buff.ly/kcVKI05
We're having a great time at #ContainerDays London! The Minimus team is here tomorrow too, so stop by to say hello!
βThe problem isnβt malicious code. Itβs unnecessary code.β In this interview, our CEO, Ben Bernstein, reflects on lessons learned, unnecessary complexity, and building software that can actually scale: buff.ly/vjQuAF7
File Bundles in Minimus Image Creator let you include required files in your minimal images automatically, without managing separate build logic or one-off Dockerfile changes. Learn how it works and how to get started: buff.ly/uzUrVVb
#ContainerSecurity #CloudNative #DevSecOps #Minimus
What does a CBOM look like in practice? This post walks through CBOM data formats, emerging tools, and real use cases for container image and platform teams: buff.ly/wq2ar7x
#ContainerSecurity #DevSecOps #Cryptography #Minimus
SBOMs give visibility into whatβs inside container images, but not how cryptography is implemented or configured. This post explores how CBOMs add that missing layer of cryptographic visibility and why they matter for container security: buff.ly/M1JGSBf
#ContainerSecurity #Minimus
β οΈ Open-source FIPS models push long-term responsibility back onto the customer. β
Minimus uses a commercial FIPS validation model so your images stay compliant as vulnerabilities are fixed and standards evolve.
Learn about the options for FIPS validation: buff.ly/d89xfzJ
βοΈποΈ @kat.lol and @isaacrlevin.com talk everything from shipping Kubernetes to how tiny hands somehow became Minimus swag on Coffee and Open Source:
buff.ly/3rCqGHa
π We won the Containers category at the 2025 Tech Trailblazers Awards! These awards recognize innovative enterprise tech startups from around the world, and weβre proud to be among them. Thanks to everyone who voted and supported us.
buff.ly/4oU4OO0
Learn why distroless images offer a more secure foundation than traditional distribution-based images and how to migrate without disrupting your existing workflows:
buff.ly/CC26kU3
#ContainerSecurity #Distroless #DevSecOps #Minimus #CloudNative
ππ‘οΈ Auditors donβt ask if you use FIPS validated images. They ask who maintains validation and how you prove itβs current.
Learn about the three FIPS 140-3 validation models and what they mean for long-term compliance: buff.ly/YnYAcij
We made the shortlist! Minimus is a finalist in both the Containers and Networking categories at the 2025 Tech Trailblazers Awards. π₯³ If youβve been cheering us on this year, we have a request: π³οΈ Vote for us! buff.ly/dGrQPnU
π‘οΈ FIPS 140-3 is the third iteration of the Federal Information Processing Standard that governs how cryptographic modules are designed, tested, and validated.
π Learn more about FIPS and how it strengthens security and compliance in container images: buff.ly/WRfvkAj
#FIPS #compliance
β οΈπ Heard a lot about Sha1 Hulud 2.0? If you want a clear technical breakdown of how the worm spreads, steals credentials, and replicates across GitHub, check out our latest blog post:
Today is Giving Tuesday! This year, we made a donation to Feeding America. At Minimus, we believe we have a responsibility to give back and support our communities in need. We would love to know which organizations youβre supporting this year!
#GivingTuesday #Cybersecurity
