AI-driven coding practices and the workloads they produce promise to accelerate mission performance, but they also introduce system vulnerabilities. The core problem is that existing vulnerability management practices cannot keep pace with rapidly evolving AI tools, which makes it difficult to minimize risk to troops conducting operational missions.
Operating with confidence in the field means knowing your tools are not going to fail, whether it is an M27 IAR or the AI-driven tactical C2 system putting fires on target. RapidFort specializes in making software systems reliable by reducing software container risk through its comprehensive Software Supply Chain (SSC) security platform.
Container Vulnerabilities Are a Growing Risk in Defense Software
Every software-driven organization grapples with container vulnerabilities. The DoW's drive to field the best systems to operational troops increases this risk. Most mission systems rely on core software from Linux distributions and community software bases with overly large software baselines. Systems built on this software commonly contain published Common Vulnerabilities and Exposures (CVEs) as well as latent flaws that have not yet been assigned one.
Two measures address this. Using curated images that carry fixes for the published CVEs removes the known vulnerabilities. Removing unnecessary code shrinks the attack surface: code that the workload never executes can still harbor CVEs, still shows up in scans, and is still present for an attacker who gains a foothold in the container. Deploying hardened images that omit that code mitigates the risk; without hardening, excess code expands the vulnerable attack surface and carries hidden CVEs into production.
Why AI Coding Tools Are Accelerating the Problem
AI coding tools and the workloads they generate are resource-intensive: they pull in the frameworks needed to develop, train, and deploy models, and they optimize for the end state (a working build) rather than for the operational footprint in compute and storage. They amplify security problems by indiscriminately using stock open-source distributions rather than curated and hardened images such as those from RapidFort.
Modern AI coding tools change constantly, use more open-source dependencies, and deploy more pervasively than traditional tools. Models, frameworks, and supporting services update daily or weekly rather than quarterly or annually. Every non-hardened software artifact introduced by these tools magnifies the risk. These are not new risks but old ones that are now accelerating: vulnerability backlogs grow faster as more software is deployed. The CVE list in 2025 averaged 132 new vulnerabilities per day, up 20% from the previous year and triple the 2020 rate.
Operational Consequences of Poor Vulnerability Management
Operational consequences from poor vulnerability management include:
- Restrictions on ATO-accessible technologies, with fewer AI tools approved for production
- AI deployment slowdowns as container stacks fail compliance on mission timelines
- Inability to compete with adversary AI tactics, increasing mission risks
- Recurring, high financial costs to manage vulnerability backlogs
- Highly skilled engineers focused on chasing and patching CVEs rather than delivering new capabilities
Vulnerability management practices for DoW solutions must meet mission timelines, whether or not AI is involved. AI-enabled platforms should improve cyber defense, not increase security exposure. The solution requires addressing runtime-relevant exposure, reducing CVE counts, and allowing authorizing officials to distinguish noise from mission impact. A platform-level solution also spares individual units from one-off hardening efforts by giving them a consistent, data-driven pipeline.
The Solution: RapidFort's Curation and Hardening Platform
RapidFort provides a practical curation and hardening platform for containerized workloads to reduce risk, manage vulnerabilities, and deploy new capabilities at mission speeds.
DoW software deployments across the Marine Corps, Army, Navy, Air Force, and Space Force show that RapidFort-optimized images reduce vulnerability counts by up to 99.9%. This is achieved in two ways: curating patched images that remediate vulnerabilities at the source, and hardening images to remove code that never runs.
How It Works
Start With Minimal Risk by Deploying Curated, Near-Zero CVE Images
RapidFort has created an extensive catalog of curated images, which includes base operating systems and third-party services built on long-term support distributions. Deploying images from the Iron Bank Container Catalog and comparable commercial sources with curated, near-zero CVE packages reduces overall vulnerability counts by over 90%. RapidFort offers more than 35,000 curated container images, more than any other offering, and is the only platform-based solution.
Create Real-Time Vulnerability Awareness
RapidFort starts with the Software Bill of Materials (SBOM) as the declared state, then measures what actually runs with a Runtime Bill of Materials (RBOM), and only then fixes what matters today. RapidFort identifies which binaries, libraries, and files are actually used by profiling the container while it runs mission-representative workloads. Components not exercised are flagged for removal, allowing teams to make policy, code removal, and testing decisions iteratively.
Ensure Secure Supply Chains for Today and Tomorrow's Operations
RapidFort then rebuilds the image with the smallest footprint the RBOM supports, and repeats the rebuild as the upstream components change. Only the components the RBOM recorded as required are retained. Unused shells, package managers, utilities, and any known or unknown CVEs hidden in unused code are eliminated. Across representative workloads, this process reduces image sizes by up to 90% and vulnerability counts by 70 to 90%.
In one Java example, the RapidFort process reduced a project from 839 MB and 101 CVEs to 241 MB and 0 CVEs, a 71% and 100% reduction respectively. In an Ubuntu instance, reductions included 801 MB to 244 MB, 83 CVEs to 1, and packages from 244 to 63. This allows engineers to focus on building mission capability today.
The Platform: Four Core Tools
RapidFort employs a single platform to make the mission happen, integrating and coordinating these functions, curating the answers, and maintaining secure systems. The four elements below compose the RapidFort platform:
- Generates a Software Bill of Materials (SBOM) for selected instances, tracing image origin, packages, CVEs, size, and other elements.
- Generates the Runtime Bill of Materials (RBOM), compares it with the SBOM, and suggests replacements from the curated library to reduce CVE counts and package size.
- Highlights and removes excess code to minimize the attack surface, further reduce CVEs, and optimize runtime execution.
- Compiles data into audit-ready documents for compliance with ATO, NIST, FedRAMP, and other standards.
Use Case: Hardening a Zero Trust AI Platform
The four functions above come together in practice. For example, a DevSecOps engineer responsible for a zero trust access analytics platform follows a simple sequence:
- Without changing code, the engineer runs RapidFort against the unit's registry and Kubernetes cluster. RapidFort inventories images, builds SBOMs, and reconciles CVEs to create a consolidated risk assessment, including independent RF-Advisory suggestions.
- Curated, near-zero CVE images from RapidFort's catalogs (and, for proprietary USAF and USSF applications, Iron Bank content) are swapped in for the community or legacy images in the current deployment. In some cases a single-line Dockerfile change, the base image named in the FROM line, immediately reduces the environment's CVE volume.
- The engineer executes tests and representative mission scenarios. RapidFort profiles each container's behavior and produces an RBOM for it, listing only the components actually used.
- RapidFort builds hardened images containing only RBOM-required components, plus any team-designated, whitelisted items. Unused tools, libraries, and the vulnerabilities they carry are removed at this step.
- Hardened images are re-scanned. Any remaining CVEs map only to runtime-necessary components, which simplifies accreditation and risk acceptance. RapidFort integrates into CI/CD pipelines so that each change triggers build, analyze, profile, harden, and deploy, first for the baseline container and then for the Kubernetes clusters that consume it.
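The SBOM-to-RBOM reconciliation that the "Create Real-Time Vulnerability Awareness" section and the profile, harden, and re-scan steps above describe can be seen in miniature in the script below. It is an added illustration, not RapidFort's code (the product's profiler and data formats are not documented on this page). It assumes a package manifest in the form of package-to-files ownership (what `dpkg -L` or `rpm -ql` reports), CVE findings keyed by package, and a syscall trace of the kind `strace -f -e trace=openat,execve -o trace.log` produces; all three inputs are constructed inline, the CVE ids are placeholders rather than real records, and `KEEP` stands in for the team-designated whitelist.

```python
"""Derive an RBOM and a hardening plan from a static SBOM plus a runtime trace.

Added example, not RapidFort's implementation. SBOM, CVE findings and the
strace-style trace below are constructed for illustration.
"""
from __future__ import annotations

import re
from typing import Iterable

# Constructed SBOM: package -> files it owns (as a dpkg/rpm manifest would list).
SBOM = {
    "libc6": ["/lib/x86_64-linux-gnu/libc.so.6", "/lib/x86_64-linux-gnu/ld-linux-x86-64.so.2"],
    "openjdk-17-jre-headless": ["/usr/lib/jvm/java-17/bin/java", "/usr/lib/jvm/java-17/lib/libjvm.so"],
    "libssl3": ["/usr/lib/x86_64-linux-gnu/libssl.so.3", "/usr/lib/x86_64-linux-gnu/libcrypto.so.3"],
    "bash": ["/bin/bash"],
    "apt": ["/usr/bin/apt", "/usr/bin/apt-get"],
    "curl": ["/usr/bin/curl", "/usr/lib/x86_64-linux-gnu/libcurl.so.4"],
    "perl-base": ["/usr/bin/perl"],
}

# Constructed scanner output: package -> finding ids. Year 0000 marks these as
# placeholders, not real CVE records.
CVES = {
    "openjdk-17-jre-headless": ["CVE-0000-0001", "CVE-0000-0002"],
    "curl": ["CVE-0000-0003", "CVE-0000-0004", "CVE-0000-0005"],
    "libssl3": ["CVE-0000-0006"],
    "perl-base": ["CVE-0000-0007"],
    "apt": ["CVE-0000-0008"],
}

# Constructed trace from a mission-representative run of the container.
TRACE = """\
execve("/usr/lib/jvm/java-17/bin/java", ["java", "-jar", "/app/app.jar"], 0x7ffd3a1c2b80) = 0
openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/usr/lib/jvm/java-17/lib/libjvm.so", O_RDONLY|O_CLOEXEC) = 3
openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/libssl.so.3", O_RDONLY|O_CLOEXEC) = 4
openat(AT_FDCWD, "/app/app.jar", O_RDONLY) = 5
[pid  4212] openat(AT_FDCWD, "/etc/ssl/openssl.cnf", O_RDONLY) = -1 ENOENT (No such file or directory)
""".splitlines()

# Team-designated whitelist: packages kept even if the profile never touched them.
KEEP = frozenset()

# Matches the path argument of file-touching syscalls, with or without the
# "[pid N]" prefix that strace -f adds.
SYSCALL_PATH = re.compile(
    r'^(?:\[pid\s+\d+\]\s+)?(?:openat|open|execve|stat|access)\((?:AT_FDCWD,\s*)?"([^"]+)"'
)


def parse_trace(lines: Iterable[str]) -> set[str]:
    """Return every path the traced workload successfully opened or executed.

    Failed lookups (ENOENT/EACCES) are ignored: a file the program probed for
    but ran without is not evidence that the file is required.
    """
    seen: set[str] = set()
    for line in lines:
        m = SYSCALL_PATH.match(line.strip())
        if m and "ENOENT" not in line and "EACCES" not in line:
            seen.add(m.group(1))
    return seen


def build_plan(sbom: dict, cves: dict, accessed: set[str], keep=KEEP) -> dict:
    """Reconcile SBOM against observed file use and report what hardening removes."""
    owner = {path: pkg for pkg, files in sbom.items() for path in files}
    used_pkgs = {owner[p] for p in accessed if p in owner}
    # Paths outside any package (the application itself, mounted data) are
    # reported separately so the operator can see them but they never drive removal.
    unpackaged = sorted(p for p in accessed if p not in owner)
    rbom = {pkg: sbom[pkg] for pkg in sorted(used_pkgs | set(keep))}
    removed = sorted(set(sbom) - set(rbom))
    before = {c for pkg in sbom for c in cves.get(pkg, [])}
    after = {c for pkg in rbom for c in cves.get(pkg, [])}
    return {
        "rbom": rbom,
        "removed": removed,
        "unpackaged": unpackaged,
        "cves_before": len(before),
        "cves_after": len(after),
        "removed_cves": sorted(before - after),
    }


if __name__ == "__main__":
    plan = build_plan(SBOM, CVES, parse_trace(TRACE))
    print("RBOM packages:", ", ".join(plan["rbom"]))
    print("Removed packages:", ", ".join(plan["removed"]))
    print(f"CVEs: {plan['cves_before']} -> {plan['cves_after']}")
    print("Findings eliminated by removal:", ", ".join(plan["removed_cves"]))
```

Two design points carry over to any real profiler. First, the trace is only as good as the scenario that produced it: a library loaded lazily on a code path the test run never exercised (a TLS backend used only against one endpoint, a rarely used export format) will look unused, which is why profiling must be driven by mission-representative scenarios and why the whitelist exists for components the team knows are needed. Second, package-level removal is safe only because the loader's own `openat` calls on shared objects show up in the trace; a tool that profiled at the executable level alone would miss transitive library dependencies.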
Mission Effects and Insight
RapidFort's secure process enables faster, safer AI-enabled operations, a stronger zero-trust container foundation, and high-fidelity software supply chain risk data for commanders.
Faster, Safer AI-Enabled Operations
Start with near-zero CVE images, then eliminate further vulnerabilities by removing unused components rather than patching them, which shortens the path to an acceptable risk posture. Hardened images have smaller attack surfaces and clearer risk narratives, which accelerates accreditation of AI-enabled systems and frees cyber teams to focus on higher-priority missions instead of endless vulnerability triage.
Stronger Zero-Trust Container Foundations
SBOMs, RBOMs, and hardened images give operators and security teams a layered, runtime-accurate view of containerized AI workloads. This approach directly supports zero trust principles and aligns with the Enduring Security Framework (ESF) team's software supply chain visibility requirements, showing what is in the software, its behavior, and delivery mechanisms.
High-Fidelity Software Supply Chain Risk Data for Command
Maturing DoW risk scoring and attestation practices, supported by RapidFort and other contributors, accompany containers with machine-readable artifacts and technical security bulletins. Developers and operators subscribe to the containers they need and receive consistent risk scores and alerts when new issues arise. For Command, this acts as a practical "check engine light" on critical software stacks: decisions no longer wait on commercial discovery of a problem but are tied directly to mission impact, at the speed of AI-driven operations.
RapidFort partnered with Iron Bank to release 25 hardened images under a TACFI incentive. Across multiple customers, RapidFort routinely reduces CVE counts by up to 99.9% and attack surface by up to 90%.
Conclusion: Continuous Security at Mission Speed
RapidFort provides government teams with a repeatable tactic for securing mission systems, including rapidly evolving AI tools. If the goal is rapid, secure operations using cutting-edge technology, RapidFort makes that happen.
The process starts with curated near-zero CVE images, observes real runtime behavior, rebuilds minimal hardened images under policy, and continuously maintains zero-trust container infrastructure. Continuous operations, continuous security, all delivered at mission speed.