Broadcom Introduces Bitnami Secure Images For Production-Ready Containerized Applications

Burt Toma
Bitnami Secure Images Helps Keep Applications More Secure with Hardened Software Packages, Minimal CVEs, Support and Radical Transparency

Today, the Tanzu Division of Broadcom is pleased to announce Bitnami Secure Images, a new commercial offering based on a radical approach to CVE transparency, that provides production-ready containers and pre-built Helm charts that minimize the operating system attack surface. With a deep understanding of the constantly changing supply chain security threats that enterprise developers face, we’re introducing Bitnami Secure Images to provide continuously built images that are updated within hours of upstream patches, and a more transparent view of their true security posture.  

Bitnami Secure Images is the evolution of Bitnami’s free community application catalog. It is built on the notion that enterprises need a full and transparent view of their CVE landscape in order to make better decisions about triage and investment. It helps organizations improve and maintain a stronger security posture by offering only the highest quality, hardened, open source software images. Security teams can trust their developers are not exposing their systems to existing CVEs with Bitnami Secure Images. 

Ultimately, with Bitnami Secure Images, IT leaders can be confident that they are making better, more informed decisions about their true security standing, and they can also reduce the technical debt associated with using older, unpatched versions. 

Building on our Commitment to the Bitnami Community

For over 18 years, Bitnami has defined how modern enterprises consume open source software. Releasing some of the first software packaging technology in the industry, spanning virtual machines and later cloud native containers, Bitnami has helped enable the consistency, security and compliance enterprises require. Today, Bitnami operates a state-of-the-art SLSA Level 3 software factory, providing greater security to over 2600 container images used by thousands of organizations worldwide. 

Bitnami software is built in accordance with some of the highest standards including DISA STIG, FIPS, and NIST 800-53. It’s important to note that Bitnami’s software is used in some of the most demanding security contexts including highly regulated enterprises and government agencies. Further, Bitnami software is renowned for its broad selection and ease of use, with over one million active deployments per month of ready-to-deploy applications, databases and runtimes. Given this widespread adoption, Broadcom recognizes the need to focus on offering only the highest quality images and providing radical transparency around known CVEs to support the teams responsible for keeping millions of software packages patched and up-to-date. 

Bitnami Secure Images Provides Enterprise-Grade, Security-First Packages

Bitnami Secure Images directly addresses the security and compliance needs of mission-critical platforms that rely on open source software. This enterprise-grade offering is designed to support these efforts with:

  • More than 280 hardened container applications built on a more secure, low attack surface operating system, continually rebuilt with the latest security updates in a SLSA Level 3 software factory, with support available for DISA STIG, FIPS and FedRAMP.
  • Radically transparent security with full visibility into known CVEs through the industry standard Known Exploited Vulnerabilities Catalog (KEV), VulnCheck, and Vulnerability Exploitability Exchange (VEX) security feeds. This provides developers and security teams with the advisory data they need to quickly understand the severity of security threats and appropriately triage remediation efforts.
  • More than 118 Helm charts that provide a consistent, enterprise-ready format for rapid deployment of the most popular open source applications.
  • New distro-less application Helm charts for popular applications that are up to 83% smaller and require up to half the number of packages at runtime compared to other popular container images.*
  • Software bill of materials (SBOMs) that comply with United States Executive Order 14028, including SLSA 3 supply chain attestation signatures, anti-virus scans, reports through API for integration with existing enterprise security tools and more.

Our commitment to providing hardened software and industry-leading transparency around known CVEs helps Bitnami Secure Images customers understand their compliance status, have more confidence in their security posture and quickly remediate security vulnerabilities.    

A Curated Set of Packages for the Bitnami Community

Alongside these security-first features in Bitnami Secure Images, Broadcom is also evolving the free, community Bitnami catalog toward the new hardened package composition. For the first time, the community will have access to more hardened, reduced-footprint images with fewer CVEs, greatly improving the security posture of all Bitnami users. 

To support this transition, beginning August 28th, 2025, the Bitnami team at Broadcom will begin to deprecate support for non-hardened Debian-based software images available in its free tier and gradually remove the non-latest images from its catalog. This will result in community access to a focused set of more hardened, more secure images. These free images are intended for development and are only available on the “latest” tag. Additionally, Bitnami will not be changing its open source nature, and continues to make its source available under the Apache 2.0 license.

With these changes we aim to support development best practices that contribute to more secure, resilient and up-to-date applications for all. For production use, users can access all of the versions, including long-term support branches with the commercial version of Bitnami Secure Images. 

Additionally, the entire historical archive of Debian images and charts will be moved to a new location: Bitnami Legacy Registry. This temporary mirror provides the community more time to upgrade existing running apps using Debian images. However, these Debian images will no longer receive security patches, are unsupported software, and as such their use should be kept to a minimum. For more information, please see the Readme on this page.

Bitnami Secure Images also includes features designed to support development and deployment of production applications, including:

  • Enterprise support for Bitnami Helm charts and containers used by thousands of organizations around the world.
  • A robust metadata API containing SBOMs, VEX, and other metrics for every image that is ready to integrate into enterprise compliance and risk management tools.   
  • Easy extensibility and customization of Bitnami Secure Images through Photon OS which uses an industry standard package format. 

“As enterprises and the broader developer community increasingly contend with evolving security threats, the demand for more secure and transparent software packages has intensified. Bitnami Secure Images provides hardened images with a reduced attack surface, benefitting both the industry and individual users. Bitnami is helping enable a stronger industry posture for secure application development.” –Rachel Stephens, Research Director, RedMonk 

Ready to explore Bitnami Secure Images right now? Arrow Electronics is Broadcom's trusted global distributor for Bitnami Secure Images and your go-to partner for easy purchasing and reliable support. Arrow is well-known for its ability to help businesses navigate the complexities of modern IT landscapes, providing the tools and expertise needed to drive digital transformation. Get started today.

*Broadcom Internal Analysis, 2025