Cloud software security firm Minimus today expanded its product portfolio with the general availability of Minimus Supply Chain Protection and minicli. The tools introduce a unified approach to managing third-party software risks and container image configurations.
The release of Supply Chain Protection directly targets vulnerabilities found within the application package universe, where interwoven dependencies are frequently maintained by isolated third parties. Operating seamlessly as a pull-through proxy for NPM and PyPI, the solution evaluates public packages based on popularity, commit data, and cooling-off periods before they reach CI/CD pipelines. Platform teams can deploy multiple configurations tailored to the risk tolerances of different development environments.
In tandem, Minimus has launched minicli, a public command-line tool downloadable for macOS and Linux (AMD and ARM). The utility allows developers to inspect custom image structures—including internal file bundles and environment variables—and manage private images directly from the terminal. By converting image recipes into YAML files, teams can easily integrate change controls and automation into their existing technology stacks.
Together with Minimus Images, which eliminate up to 98% of standard container base image vulnerabilities, these updates offer an end-to-end strategy for securing both OS packages and application dependencies.
About Minimus
Minimus delivers a modern foundation for secure container software, open-source dependency management, and software supply chain security. The company was founded in October 2022 by container security pioneers Ben Bernstein, Dima Stopel, and John Morello (co-authors of NIST SP 800-190 and founders of Twistlock) to solve the ongoing operational burden of cloud vulnerability remediation. By engineering high-security container images directly from upstream project sources with only the absolute minimum software required to run, Minimus completely neutralizes 98% of typical cloud software vulnerabilities. Minimus offers a highly scalable, developer-friendly solution that deploys instantly via standard tools, and is backed by a $51M seed investment from YL Ventures and Mayfield.