RapidFort
Curated Images

Start secure. Stay secure. With no code changes

Production-grade, Near-Zero CVE container images built on the LTS distributions
you already use. Replace your base images and eliminate inherited vulnerabilities
before development even begins.

Up to 99.9% of CVEs eliminated, continuously

Up to 90% smaller software attack surface

Up to 35K+ Near-Zero CVE images, ready to pull

A trusted stack, ready to deploy

Browse 35,000+ curated images across Ubuntu, Debian, Red Hat, and Alpine. Hardened to NIST 800-70. FIPS
140-2 and 140-3 validated. STIG and CIS benchmarked.


Most vulnerabilities are inherited, not written

Your applications inherit thousands of vulnerabilities from base images and open source before a single line of code
is written. Most tools only detect and rank that risk, leaving your team to chase it forever. RapidFort removes it at the
source, so you ship from a clean foundation instead of cleaning up later.

Deliver fast. Reduce risk. Stay secure.

Continuous protection. Zero code changes required.

rapidfort.com

Why teams choose
RapidFort Curated Images

Drop in, no hassle

Plug-and-play replacements that slide right into your stack.

Runs everywhere

Supports all major LTS distros and versions, even the minor releases.

Scanner friendly

Rich metadata built in, compatible with every major scanner.

No vendor lock-in

Open, independent, and registry flexible. RapidFort's registry or your own.

Secure by default

FIPS validated crypto and a hardened, STIG compliant OS out of the box.

Always up to date

Critical CVEs fixed in 7 days, everything else in 14.

Compliance ready

FedRAMP and major frameworks supported from day one.

White glove support

Dedicated customer success and hands-on implementation help.

Built for regulated and
mission-critical environments

Hardened to NIST 800-70. FIPS 140-2 and 140-3 validated. STIG and CIS
benchmarked. DoD trusted, Iron Bank approved, and DISA validated.

Accelerates FedRAMP, cATO, CMMC, SOC 2, NIS 2, CRA, and SLSA readiness.

FIPS 140-2
FIPS 140-3
STIG
CIS
FedRAMP
cATO
PCI DSS
CMMC
SOC 2
NIS 2
CRA
SLSA
DoD
Iron Bank
DISA

How RapidFort Curated Images compare

Catalog
RapidFort: 35,000+ images, including older versions, continuously patched
The alternatives: Limited catalogs, often latest versions only

CVE elimination
RapidFort: Up to 99.9%, across distroless and full images
The alternatives: 45% to 65%, often distroless only

Operating system
RapidFort: Trusted LTS distros, no lock-in
The alternatives: Proprietary or trademark restricted variants

Compliance
RapidFort: FIPS 140-3, STIG, FedRAMP, CMMC, SOC 2, SLSA
The alternatives: Limited or no formal benchmarks

Government validation
RapidFort: DoD trusted, Iron Bank, DISA validated
The alternatives: None

Tooling
RapidFort: Full SASM platform: scan, profile, harden, benchmark, build
The alternatives: Fragmented, no integrated hardening

Put Curated Images to
work in three steps

1. Develop

Pull a Near-Zero CVE image as your
base. It drops into your existing CI/CD
pipeline, pin for pin compatible, with no
re-baselining.

2. Build

Run the RapidFort platform across
your registries and clusters to scan
continuously, track CVE drift, generate
SBOMs, and prioritize real risk.

3. Comply

Harden to NIST 800-70, validate to
FIPS, and auto generate audit evidence.
Reach compliance up to 30% faster and
cut roughly 3 months off certification.


Part of one platform that secures
the entire software lifecycle

RapidFort secures the software supply chain from source to runtime, continuously and without code changes.
Curated Images secure what enters your pipeline. The rest of the platform keeps it secure all the way to production.

SOURCE
BUILD
RUNTIME
Secure the source

RapidFort Curated Images deliver Near-Zero CVE base images. RapidFort Curated
Libraries deliver malware scanned, pin for
pin open source packages that stop
supply chain attacks before the pipeline.

Understand the risk


Harden and prove it


“By leveraging the RapidFort platform, our organization halved our FedRAMP
certification costs and reduced time to compliance by a full three months.”

Borislav Ivanov

Director of Engineering, Beyond Identity

WORKS WITH

AWS
Google Cloud
Microsoft
Carahsoft
Jira
Jenkins
GitLab
Slack
Harness
CircleCI
Splunk
Sumo Logic
Aqua
Prisma
Twistlock
Snyk
Nessus
CrowdStrike

Eliminate attack vectors at the source
