Minimus has introduced the Minimus Open Source Program, a new initiative designed to support open source maintainers in improving the security, transparency, and overall integrity of their software supply chains. Through this program, eligible projects are granted complimentary access to a range of advanced tools and resources, including Minimus’ secure container images, comprehensive Software Bill of Materials (SBOM) generation and analysis capabilities, and integrated threat intelligence solutions. Together, these offerings aim to help developers better identify vulnerabilities, manage dependencies, and strengthen trust in the software they build and distribute.
Open source software underpins a vast share of the world’s critical digital infrastructure, yet most maintainers lack access to the security tooling enterprises take for granted. The Minimus Open Source Program aims to close that gap, putting modern supply chain security directly in the hands of the communities that need it most.
Projects accepted into the program can integrate Minimus images into their build pipelines, immediately reducing attack surface for their users. Maintainers will also gain visibility into dependencies and potential vulnerabilities through Minimus’ threat intelligence dashboard.
The Open Source Program builds on a period of rapid growth for Minimus. Since launching publicly at RSAC in April 2025, the company has grown revenue by 285%, expanded its Image Gallery to over 1,200 hardened container images, and shipped major new capabilities, including Image Creator, which enables enterprises to build and manage their own hardened images on the Minimus platform. Minimus images are now supported by major cloud security platforms, including Aqua Security, AWS, Google Cloud, Orca Security, Snyk, and Wiz.
“Open source maintainers are responsible for the software that runs the world’s infrastructure, but they’re rarely given the security tools to match that responsibility,” said Kat Cosgrove, Head of Developer Advocacy, Minimus. “Hardened images, signed SBOMs, and real-time exploit intelligence shouldn’t be enterprise-only capabilities — they should be table stakes for any project that critical infrastructure depends on. That’s exactly what this program delivers.”
The program is open to open source projects using an OSI-approved license that meet minimum project health criteria. Accepted projects receive:
- Access to hardened, compliant images from the Minimus Image Gallery
- Custom image creation, Helm charts, and automatically generated SBOMs
- Real-time exploit intelligence to prioritize CVE remediation and patch efforts
- Image updates in accordance with Minimus’ commercial SLAs
Learn more about the Open Source Program and how it helps projects strengthen security and supply chain integrity on the program website. Applications open March 24, 2026.