Please be advised that our Bitnami Portal will be undergoing maintenance on Saturday, May 23, from 9:30 PM PDT to 11:30 PM PDT, during which time our system will not be available. We apologize for any inconvenience and appreciate your patience.

Bitnami Secure Images

Gain confidence, control and visibility of your software supply chain security with production-ready open source software delivered continuously in hardened images, with minimal CVEs and transparency you can trust. 

Security through Transparency

Give your development teams access to thousands of production-ready, hardened images.

Accurately assess your security posture through industry standard security artifacts.

Get 24/7 support and image customization features for catalog applications.

Why do highly regulated industries trust Bitnami for production?

280+ Apps

Production-ready OSS applications plus the internet's favorite Helm charts

Security with Transparency

Includes VEX docs, CVE scan results, KEVs, SBOM for all images

Built for compliance

Reduce NIST Accreditation time up to 80%. Supports FIPS, STIG and FedRAMP

Trusted and Proven

Over 500 million docker pulls and one million active deployments per month

Air-Gap Ready

Out-of-the-box support for air-gapped environments

Contact sales for everything Bitnami Secure Images has to offer.

Start using the free development version of Bitnami Secure Images today.

Bitnami Secure Images at-a-glance

Access thousands of hardened, minimal CVE images of 280+ open source applications for Kubernetes and VMs on any major cloud
More than 110 of the internet’s most popular Helm charts, plus distroless charts for best in class security, 83% smaller with 50% fewer packages
Stay more secure and compliant with continuously built images updated within hours of upstream patches 
Triage security vulnerabilities faster, with transparency into CVE risks using industry standard Vulnerability Exploitability Exchange (VEX)
Comprehensive software bill of materials, SLSA 3 supply chain attestation signatures, anti-virus scans, reports through API for integration with existing enterprise security tools
Support for building customized images
Minimal attack surface OS Base (Photon) that is easy to extend using industry standard package format
Application Bitnami Secure Images
Size AMD (MBs) Package Count Average CVE Count KEV Reports VEX Statements CVE Scan Results Software Bill of Materials FIPS, STIG, FedRAMP
.NET 68.22 36 0 yes yes yes yes yes
Java 101.57 48 0 yes yes yes yes yes
MariaDB 18.84 29 0 yes yes yes yes yes
Node.js 48.99 30 0 yes yes yes yes yes
Python 20.03 46 0 yes yes yes yes yes
Ruby 28.71 321 0 yes yes yes yes yes
Table showing examples of popular Bitnami applications and associated size, package counts, average CVE counts, and included features and support for security and compliance standards.

Frequently Asked Questions

Developers can access a portion of Bitnami Secure Images for non-production use cases. Free images are only available in the latest tag. See our Dockerhub for a list of what’s free. For access to all the images/applications in the catalog, along with many other benefits, you can purchase Bitnami Secure Images. Bitnami Secure Images allows you to use open source software application components in mission-critical projects and production environments in a secure, sustainable and compliant manner.

Applications from Bitnami Secure Images  are platform-agnostic and can be deployed on any OCI-compliant Kubernetes environments, on any OCI-compliant container runtime and as VMs on VMware infrastructure. We test the applications in our catalog across all major Kubernetes platforms including Tanzu Kubernetes Grid Integrated, Google Kubernetes Engine, Amazon Elastic Container Service, Azure Kubernetes Service and Red Hat OpenShift, so that you can confidently deploy them on any platform of your choice.

View our verification matrix

All container images, Helm charts and virtual machines available in the catalog are continuously verified to ensure they include the latest dependencies and minimal CVEs. New versions are only released after they meet specific conditions. This ensures that only relevant updates are delivered to customer registries.

Container images
A new container is triggered as long it fulfills any of the following cases:

  • A fix for a critical CVE is detected in the OS package
  • An upstream update in the main component of the container is detected
  • There are changes in the configuration scripts such as feature improvements or bug fixes
  • Every 30 days if a new version of the container was not released within that period

Helm charts
A new Helm chart is triggered as long as it fulfills any of the following cases:

  • A new Helm chart is released in Bitnami Secure Images
  • A new feature or fix for an existing application is merged to the catalog
  • A new version of the main container is triggered that fixes a critical CVE
  • Indirectly when there is an upstream update in the main container
  • Every 30 days if a new version of the chart was not released within that period

Virtual machines
A new VM is triggered as long it fulfills any of the following cases:

  • An upstream update in the main component of the VM is detected
  • A critical security fix is available
  • Every 30 days if a new version of the application was not released within that period

Bitnami Secure Images implements the following policies:

  • Bitnami Secure Images triggers a release of a new Helm chart when a new version of the main server or application is detected. For example, if the system automatically detects a new version of MariaDB, the Bitnami Secure Images pipeline automatically releases a new container with that version and also releases the corresponding Helm chart if it passes all tests. That way, Bitnami Secure Images ensures that the application version released is always the latest stable one and has the latest security fixes.
  • Bitnami Secure Images triggers a release of a new chart when a package that includes a fix for a CVE from the distribution in any of the containers that it includes is detected. The system scans all our containers and releases new images daily with the latest available system packages. Once the pipeline detects there is a new package that fixes a CVE, our team triggers the release of a new Helm chart to point to the latest container images.
  • The Bitnami Secure Images team monitors different CVE feeds—such as Heartbleed or Shellshock—to fix the most critical issues as soon as possible. Once a critical issue is detected in any of the catalog charts included in Bitnami Secure Images, a new solution is released. Bitnami Secure Images provides updates in less than 48 business hours.

Contact our distribution partner, Arrow, to purchase Bitnami Secure Images today! Contact Arrow 

Software supply chain security pioneers for highly regulated industries

Since 2007, Bitnami has revolutionized open-source software deployment, providing prepackaged application stacks that simplify application development and delivery.

Bitnami is trusted by millions of developers. With more than 500 million monthly docker pulls, Bitnami has positioned itself as a mature and reliable partner. Its extensive catalog, robust security practices and continuous innovation set it apart in the software supply chain security industry. Bitnami's enduring commitment to excellence ensures developers can build with confidence, supported by a proven industry pioneer.