For over 18 years, Bitnami by VMware Tanzu has defined how modern enterprises consume open source software. Trusted by millions of developers, with more than 500 million monthly docker pulls. Bitnami Secure Images is the next iteration, offering production-ready open source software delivered continuously in hardened, minimal CVE images. Bitnami Secure Images is a paid for enterprise level upgrade which allows you to accurately assess your security posture through industry standard security artifacts with 24/7 support and image customization features for catalog applications.
Bitnami Secure Images
What's Included in Bitnami Secure Images?
| Features | Open Source Bitnami Packages | Bitnami Secure Images |
|---|---|---|
|
Debian based images |
Legacy catalog access only |
Access to entire hardened 280+ catalog |
|
SBOMs and scan reports |
Delivered as OCI artifact |
Available through Dashboard/UI, API or OCI artifact |
|
Photon Hardened images |
 |
Increments of 10 (depending on purchase qty) |
|
VEX statements for rapid triage of CVEs |
|
Included for Photon images |
|
VM Images (OVA) |
|
190 included |
|
Image customization |
|
Included for Photon images |
|
Distroless application helm charts |
|
 |
|
Accreditation optimized applications |
|
|
|
FIPS |
|
|
|
STIG |
|
|
|
Airgap support |
|
|
Why Bitnami Secure Images?
Built to provide enterprises a full and transparent view of their CVE landscape and enable informed decisions about triage and investment. Bitnami Secure Images helps improve and maintain a stronger security posture by offering only the highest quality, hardened, open source software images. With Bitnami Secure Images, security teams can trust their developers are not exposing their systems to existing CVEs, while IT leaders can be confident that they are making more informed decisions about their true security standing and reduce the technical debt associated with using older, unpatched versions.
Key Features and Benefits
- Access entire catalog of hardened, minimal CVE images for 280+ open source applications for Kubernetes and VMs on any major cloud.
- Comprehensive software bill of materials, SLSA 3 supply chain attestation signatures, anti-virus scans, reports through API for integration with existing enterprise security tools.
- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX).
- More than 110 of the internet's most popular distroless application Helm charts for best class security, 83% smaller with 50% fewer packages.
- Industry standard, low attack surface OS Base (Photon) that is easy to extend.
- Support for building customized images.
Start your journey to Bitnami Secure Images
Bitnami Secure Images FAQ
What is the difference between Bitnami Secure Images and open source Bitnami Packages?
Bitnami Secure Images is a paid offering that gives you access to all of the images and helm charts in the Bitnami catalog while free access includes only a portion of the catalog.
Where can I deploy the applications I get from Bitnami Secure Images?
Applications from Bitnami Secure Images are platform-agnostic and can be deployed on any OCI-compliant Kubernetes environments, on any OCI-compliant container runtime and as VMs on VMware infrastructure.
How frequently are the applications in Bitnami Secure Images verified and updated?
All container images, Helm charts and virtual machines available in the catalog are continuously verified to ensure they include the latest dependencies and minimal CVEs. New versions are only released after they meet specific conditions. This ensures that only relevant updates are delivered to customer registries.
What are Helm Charts and how do they help manage and deploy applications?
Helm charts are a powerful tool used in the Kubernetes ecosystem to help manage and deploy applications. Helm charts are a package of pre-configured Kubernetes resources, which provides a template for deploying an application or service on a Kubernetes cluster.
