| ▲ | morellonet 5 days ago | |||||||
If you’re looking for an alternative here, we (the team that built Twistlock) launched Minimus a few months ago to provide near zero CVE images built continuously from source. We have long experience in this space (we even wrote NIST SP 800-190) and I’d love to talk if we could help anyone. We also have drop in replacement images and charts for Bitnami, as we describe here: https://www.minimus.io/post/the-bitnami-pricing-changes-what... If anyone has tech questions about how it all works, tools we use, customer scenarios, etc I’d be happy to discuss. | ||||||||
| ▲ | mdaniel 4 days ago | parent | next [-] | |||||||
Also, this form is nonsensical https://www.minimus.io/get-started#signup-form because it distinguishes between "Individual" and "Organization" but then Company is a mandatory field. Maybe just go ahead and label it "Lead Gen / Ask For A Demo" | ||||||||
| ▲ | carrodher 4 days ago | parent | prev | next [-] | |||||||
Let me rewrite the comparison used in the "Example: Using Bitnami vs. Minimus" section of the blog post: Using Bitnami Secure Images: You pull a versioned PostgreSQL image built on a minimal-attack-surface OS (Photon). When a CVE is disclosed or a new upstream version is released, Bitnami’s automation takes care of everything: a new container image (and Helm chart, if applicable) is built, tested, and published to your registry within hours. All you need to do is update to the latest version; no manual CVE monitoring, triage, or patching required. | ||||||||
| ▲ | CubsFan1060 4 days ago | parent | prev | next [-] | |||||||
The main question as always is price. I was also interested in things like Chainguard and Docker secure images until I had a sales call with them and found out the price. I can’t seem to find the price anywhere on your site… I assume the reason for that is that it’s also nearly impossible for a non-fortune 500 to afford? | ||||||||
| ||||||||
| ▲ | Beltran 3 days ago | parent | prev | next [-] | |||||||
Is Minimus OS? Bitnami continues as OS project and anyone can build the images from source. | ||||||||
| ▲ | mdaniel 4 days ago | parent | prev [-] | |||||||
Please offer an implementation of the docker-credential helper, just like chainguard does with docker-credential-cgr[1], and don't put throwaway text that says "docker supports credential stores, so good luck to you" on your website https://docs.minimus.io/foundations/authentication#using-a-c... 1: https://edu.chainguard.dev/chainguard/chainguard-images/chai... | ||||||||
| ||||||||