Building a CIS compliant container image isn’t the hard part. Maintaining compliance across container environments as dependencies grow, base images change, and new CVEs emerge is where most teams struggle.
Here's what continuous CIS hardening looks like, and how Minimus helps: buff.ly/BPWXGM1
John Morello explains how Minimus works with Merge Ready. Swap your base image, drop your CVE count - it's as simple as that.
Full video: buff.ly/fSH3aW1
Open source powers everything, and securing it is a shared responsibility.
Kat Cosgrove talks about why giving back isn’t optional, and how we’re doing our part with free access to Minimus hardened images for eligible projects: buff.ly/FJv0Y2M
Watch the full video: buff.ly/bux07Dt
@kat.lol
A lot of security gaps come down to lack of visibility. The Minimus Activity Log gives teams a clear audit trail of platform access, token changes, and custom image activity, making it easier to investigate issues, maintain accountability, and stay ahead of risk:
We break down container runtimes, static vs. dynamic binaries, and how to avoid runtime failures before they hit production:
Are you affected? If you’ve…
❎️ ran trivy v0.69.4–0.69.6
❎️ used trivy-action before 0.35.0
❎️ setup-trivy without pinning
… rotate everything: ssh keys, cloud creds, k8s secrets, .env files.
full breakdown and update here: buff.ly/hHfOsSK
A lot's happened since trivy v0.69.4 last week:
🗓️ Mar 22: malicious v0.69.5 + v0.69.6 pushed to docker hub
🗓️ Mar 22: teamPCP defaced all 44 repos in aqua's github org
🗓️ Mar 23: Checkmarx KICS GitHub Actions and few OpenVSXPlugins were affected
🗓️ Mar 24: LiteLLM compromised on PyPI
👇
Most teams don't know what's actually in their container images. Minimus shows you how many packages are in your image and what vulnerabilities they're carrying.
📦️ public node image = 500+ packages.
📦️ Minimus node = 15.
= 97% package reduction, 100% fewer CVEs.
Full breakdown: buff.ly/sEVwkny
One week. Two events. A lot of great conversations. Thanks to everyone who stopped by, said hi, and took a shot at the dart board 🎯
We’ll see you at the next one!
#Minimus #KubeConEU #RSAC
📸 Tiny prints, big week.
That's a wrap on KubeCon EU - we had a great time!
If you’re at RSAC, today’s your last chance to come by booth # S-1061. The Mini Cooper is still up for grabs! Stop by to beat our current DART high score 🎯🚗
#RSAC #RSAC2026
We actually can be in two places at once…
Can you guess which is our RSAC booth and which is our KubeCon booth?
If you’re at either event, come find us:
📍 RSAC: Booth # S-1061
📍 KubeCon: Booth # 940 + 🎯 Space # 340
#KubeConEU #RSAC #ContainerSecurity #Cybersecurity
Step 1: Focus 🎯
Step 2: Trust yourself
Step 3: Win a Mini Cooper 🚗
The previous competition winner makes it look easy. Catch us at KubeCon EU booth # 340 + RSAC # S-1061 to take your shot.
#KubeConEU #RSAC #Minimus
Minimus has two booths at #KubeCon - Come say hi!
📍 Booth # 940 - Hang out and talk container security and minimal, hardened images.
🎯 Activation Zone # 340 - Play our DART Challenge: Winner takes home a brand new car!
A photo of a small pink whoopie cushion with the Minimus logo on it in black, resting in my hand.
If you are at Kubecon and think farts are funny, I have a VERY limited number of @minimus.io whoopie cushions available!
If you maintain an open source project, we want to support you. We’re excited to launch our Open Source Program, providing access to our secure, minimal images free of charge to eligible projects.
Apply or get more information here: buff.ly/dbV6OQm
#OpenSource #ContainerSecurity @kat.lol
Had a great time at Open Source Security Con today! Come see us tomorrow at KubeCon - Booth # 940
It’s a big week for Minimus! We won 3 Global InfoSec Awards 🏆
🏅 Market Leader: Container Security
🏅 Market Disruptor: Cybersecurity Startup
🏅 Editor’s Choice: Software Supply Chain Security
We’re grateful for the recognition and for the teams building with us!
Using Trivy? v0.69.4 was compromised in a supply chain attack. We break down what happened and what to do if you’re affected: buff.ly/3Pr1qjF
Another event, another Mini Cooper giveaway! That's right - we're bringing the Minimus DART Challenge to KubeCon AND RSAC next week, and someone's leaving with a car!
Come see us at RSAC booth S-1061 / KubeCon booth 940 🎯 🚙
#KubeCon #RSAC #Cybersecurity #ContainerSecurity #CloudSecurity
Can't wait for KubeCon EU next week! We're at booth 940 - don't forget to stop by.
Happy to have you on the team and support the work you do for the Kubernetes ecosystem! @kat.lol
It's not embarrassing to like your own post if you do it from the brand account btw
I'm very lucky that @minimus.io considers the work I do for Kubernetes to be part of my job. That isn't true for most maintainers. Projects are failing or suffering attacks because of a lack of contributors from companies built on top of them, and that's *everyone's* problem.
dev.to/katcosgrove/...
Heading to RSAC next week? Join us for a panel lunch, The Cyber Wok 🍜, on Tuesday, March 24.
We'll have two panels discussing AI agents, autonomous security, and the risks security leaders are watching next.
Spots are limited, so request your seat soon: buff.ly/LjAgEE6
#RSAC #RSA #RSAC2026
With RSAC and KubeCon EU coming up, some people are brushing up on Kubernetes and threat models...
🎯 Others are training for the Minimus Double DART Challenge.
🚙🏆 Get ready for your chance to win a custom Mini Cooper!
#KubeConEU #RSAC #RSA #KubeCon #CloudNativeCon
🍻 Heading to KubeCon Europe?
Join us Monday, March 23rd at Tulips & Taps, a happy hour at the iconic Heineken Brewery. Get some drinks, bites, and a chance to connect with the cloud native community before the week kicks off.
Register here: buff.ly/SsMDlHg
#KubeCon #CloudNativeCon #Kubernetes
We did it at KubeCon NA - Now we’re bringing it back!
Get ready for the Minimus Double DART Challenge at RSAC and KubeCon EU 2026!
The highest individual score across both events wins a custom Mini Cooper 🚙
So the question is simple: Will RSA or KubeCon have better aim?
#KubeConEU #RSAC
🎤 Looking for something fun to add to your #RSAC schedule?
Join us for Secure the Mic, an invite-only karaoke night. No pitches (just vocal ones). No presentations (except your best power ballad). Just good music and good company:
buff.ly/XKSy4lJ
CVEs are inevitable. Slow remediation doesn’t have to be. In this post, we show how Minimus detected a Go vulnerability (CVE-2025-22872), updated the vulnerable module, rebuilt the package, and published a new image, all in under 12 hours:
🏆 Big news heading into RSAC! Minimus is proud to be named a finalist for Best Application Security Solution in the 2026 SC Trust Awards: buff.ly/9wZhEdc
Looking forward to seeing everyone at RSAC Conference when the winners are announced!
#SCAwards2026 #RSAC2026
