From c72bb00ab92234fc98fcd1c32f35512da530215a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Rodr=C3=ADguez=20Hern=C3=A1ndez?= Date: Tue, 29 Jul 2025 12:53:31 +0200 Subject: [PATCH] Update ## Why use Bitnami Secure Images? MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Carlos Rodríguez Hernández --- README.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/README.md b/README.md index a6534e9d2a29..dff8a2deda4f 100644 --- a/README.md +++ b/README.md @@ -25,16 +25,16 @@ Beginning August 28th, 2025, Bitnami will evolve its public catalog to offer a c These changes aim to improve the security posture of all Bitnami users by promoting best practices for software supply chain integrity and up-to-date deployments. For more details, visit the [Bitnami Secure Images announcement](https://github.com/bitnami/containers/issues/83267). -## Why use Bitnami Images? +## Why use Bitnami Secure Images? -- Bitnami closely tracks upstream source changes and promptly publishes new versions of this image using our automated systems. -- With Bitnami images the latest bug fixes and features are available as soon as possible. -- Bitnami containers, virtual machines, and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. -- All our images are based on [**minideb**](https://github.com/bitnami/minideb) -a minimalist Debian-based container image that gives you a small base container image and the familiarity of a leading Linux distribution- or **scratch** -an explicitly empty image-. -- All Bitnami images available in Docker Hub are signed with [Notation](https://notaryproject.dev/). [Check this post](https://blog.bitnami.com/2024/03/bitnami-packaged-containers-and-helm.html) to know how to verify the integrity of the images. -- Bitnami container images are released regularly with the latest distribution packages available. +- Bitnami Secure Images and Helm charts are built to make open source more secure and enterprise ready. +- Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX), KEV, and EPSS scores. +- Our hardened images use a minimal OS (Photon Linux), which reduces the attack surface while maintaining extensibility through the use of an industry standard package format. +- Stay more secure and compliant with continuously built images updated within hours of upstream patches. +- Bitnami containers, virtual machines and cloud images use the same components and configuration approach - making it easy to switch between formats based on your project needs. +- Hardened images come with attestation signatures (Notation), SBOMs, virus scan reports and other metadata produced in an SLSA-3 compliant software factory. -Looking to use our applications in production? Try [VMware Tanzu Application Catalog](https://bitnami.com/enterprise), the enterprise edition of Bitnami Application Catalog. +Only a subset of BSI applications are available for free. Looking to access the entire catalog of applications as well as enterprise support? Try the [commercial edition of Bitnami Secure Images today](https://www.arrow.com/globalecs/uk/products/bitnami-secure-images/). ## Get an image