Curated container images provide a secure foundation for software development and accelerated FedRAMP authorization

SAN FRANCISCO: RapidFort, a leading innovator in cybersecurity pioneering Software Attack Surface Management (SASM), has launched RapidFort Curated Images, helping organizations quickly reach near-zero common vulnerabilities and exposures (CVEs) within their software. Meticulously patched to reduce the number of total vulnerabilities, RapidFort Curated Images offer a secure foundation for software development and deployment, featuring daily rebuilds, FIPS readiness and accelerating FedRAMP compliance and saving enterprise development resources.

RapidFort Curated images is the first of a three step process leveraging the RapidFort Platform to remediate up to 95% of all CVEs across the application development process. RapidFort's secure container image repository includes three categories of curated images, available in both FIPS and non-FIPS versions: base images, framework images and third-party open-source images. All images are STIG-compliant, hardened and patched, and include RapidFort’s unique analysis providing contextual “Justification Advisory” to weed out real vs. false positive CVEs. The repository is updated several times per week and whenever a new patch for a known CVE is released. Historical versions of these images are retained for 6 months after they reach end-of-life, ensuring continued access. Unlike first generation near zero CVE image vendors in the market, RapidFort does not force customers to re-baseline to a proprietary operating system with no real community support. RapidFort images are based on the most mature and popular Linux distributions: Ubuntu, Red Hat, and Alpine to minimize the impact and ensure compatibility with our end customer’s existing software builds.

Organizations can significantly reduce costs and resource allocation dedicated to vulnerability management with RapidFort Curated Images. The need for a dedicated team of engineers to research and patch images is eliminated, reducing costs to a tenth. When combined with RapidFort’s SASM platform, users can remediate the majority of their software vulnerabilities automatically and early in the development cycle. When leveraging Rapidfort’s Platform, users can expect:

• Up to a 10% reduction in development cycle time for patching unused components
• An 88% reduction in software attack surface
• A 2-3 week reduction in code release time for every major release
• A 1-3% infrastructure cost savings from smaller size images
• Up to 11x faster container boot time

“Software vulnerabilities are a perpetual challenge for developers, creating a relentless cycle of patching that can leave organizations vulnerable. Compliance regulations, like FedRAMP, DSS, PCI and public companies facing breach notification mandates, add another layer of complexity to this problem,” said Mehran Farimani, CEO of RapidFort. “Our new curated images offering is a game-changer for organizations striving to enhance their security posture while maintaining operational efficiency. By providing a secure, meticulously patched foundation for software development, we empower our clients to achieve near-zero CVEs and navigate the complexities of compliance with ease.”

RapidFort offers an end-to-end solution for CVE remediation, addressing all three lifecycle steps: starting with curated images, instrumenting and profiling, and hardening and monitoring. Unlike other offerings that rely on third parties and additional tools, RapidFort provides a comprehensive platform that manages the entire remediation process, from images to production. This unique capability positions RapidFort as a leader in the market, delivering unparalleled security and compliance solutions, as exemplified by the company’s inclusion in SpaceWERX’s Innovate to Accelerate cohort.

To learn more about RapidFort Curated Images, please visit: https://hub.rapidfort.com/

For more information about the RapidFort platform, please visit: https://www.rapidfort.com/

About RapidFort

RapidFort offers a cybersecurity platform that streamlines and secures modern infrastructure. Their innovative approach allows organizations to continuously monitor and minimize their software attack surface, ultimately improving their security posture and operational efficiency. RapidFort empowers development and security teams with a free tier and free community images, making it easy to get started with secure software development. Learn more about RapidFort at https://www.rapidfort.com/.

Fonte: Business Wire