Explore more publications!
European Small Business Network
Submit Press Release

BellSoft's Hardened Images Set New Standard for Container Security

Pioneering 3-in-1 approach combining Java runtime optimization, OS hardening, and proactive CVE remediation delivers 95% fewer CVEs, 30% resource savings, and simplified compliance for enterprise development teams

SAN JOSE, Calif., Nov. 10, 2025 (GLOBE NEWSWIRE) -- BellSoft, the OpenJDK vendor delivering the most complete Java experience, announces Hardened Images, a tool for enhancing the security and compliance of containerized applications in Kubernetes. BellSoft will be demonstrating Hardened Images at KubeCon 2025 in Atlanta, beginning today.

The Container Security Challenge Demands Action

Two-thirds of organizations experienced a container security incident in the past year. The challenge runs deeper than misconfigurations, it's rooted in the software supply chain itself.

A typical container image carries over 600 known vulnerabilities, nearly half of them years old. For Java workloads, the risk is particularly acute: 44% of Java services contain known-exploited vulnerabilities, compared to 5% for Go and just 2% for other languages.

Container hardening addresses these challenges by systematically securing images, configurations and runtimes from the start. By embedding security controls into every stage of the container lifecycle, organizations can protect workloads against misconfigurations, unauthorized access and supply chain risks while meeting increasingly stringent regulatory requirements.

BellSoft Hardened Images Reduce Risk and Simplify Compliance

BellSoft Hardened Images are minimized container images that remove package managers and non-essential components, significantly reducing vulnerabilities and limiting potential attack vectors. These images feature a locked configuration that cannot be modified, minimizing the risk of attackers introducing malware or tampering with the runtime environment.

BellSoft’s images are based on Alpaquita Linux, a lightweight open-source distribution designed with BusyBox and APK. Alpaquita is offered in both musl and glibc variants. Combined with continuous CVE patching, industry-standard OSV schema vulnerability reporting and enterprise support, BellSoft Hardened Images provide a secure, audit-ready foundation that protects businesses, integrates seamlessly with existing security tools and frees up developer time.

The Security Advantages of BellSoft Hardened Images:

  • Reduced Attack Surface: Hardened Images remove unnecessary packages and components that often bloat containers, minimizing potential vulnerabilities and limiting exploitable entry points for attackers.
  • Near-Zero CVEs: BellSoft’s solution delivers continuous monitoring, proactive patch development and timely security updates, helping organizations maintain containers with virtually no known vulnerabilities.
  • Runtime Protection: Hardened Images feature an immutable component set that prevents unauthorized modifications, malware installation and tampering, ensuring that the runtime environment remains secure and stable.
  • Enhanced Compliance: The solution includes a detailed Software Bill of Materials (SBOM), simplifying audits and supporting regulatory and security compliance requirements with minimal effort.

BellSoft’s 3-in-1 Approach Delivers 95% Fewer CVEs and Superior Java Performance

BellSoft Hardened Images stand out among container security solutions through a comprehensive “3-in-1” approach that combines expert Java runtime optimization, custom Alpaquita Linux maintenance and proactive CVE remediation for complete security and performance coverage. Unlike competitors who rely on upstream patch releases, BellSoft’s in-house security expertise enables the rapid creation of custom patches when needed, keeping environments secure without delay.

For Java workloads, organizations migrating from other distributions can see up to a 30% reduction in network, disk space and RAM usage with Liberica JDK Lite, delivering tangible performance gains. Additionally, Alpaquita Linux’s dual support for both musl and glibc libraries offers unmatched flexibility, allowing seamless migration without code rewrites regardless of existing system architecture. Competitive analysis shows over 95% fewer CVEs with BellSoft Hardened Images as compared to standard Java images.

“BellSoft Hardened Images is a response to the growing demand in the market for secure, high-performance container solutions and is consistent with our commitment to providing the most complete and reliable Java experience,” said Aleksei Voitylov, CTO at BellSoft. “By combining expert Java runtime optimization, proactive CVE remediation and a lightweight, flexible foundation, our hardened images give organizations a secure, audit-ready platform that reduces vulnerabilities, improves performance and simplifies migration. This solution not only protects critical workloads from emerging threats but also frees developers to focus on innovation rather than managing security risks, delivering measurable value across IT and business operations.”

Availability and Pricing

BellSoft Hardened Images are available now in three tiers:

  • Community -- offering free Hardened Liberica Runtime Containers (JDK LTS 21 and 25+) on Docker Hub
  • Standard -- providing hardened images across all JDK versions, GraalVM, Go, Python, C and Alpaquita base with 7-day critical CVE remediation SLA and custom image development
  • Premium -- adding technical support and performance optimization consulting

Learn more at https://bell-sw.com/bellsoft-hardened-images/

About BellSoft

BellSoft delivers the most complete Java experience with a more secure, reliable, and cost-effective approach to application development on any platform and in any environment. BellSoft is one of the leading contributors to the OpenJDK, and the only vendor that supports current LTS Java versions, legacy JDK 6 & 7 and Liberica NIK. Liberica JDK is the runtime of choice for VMware, Spring Framework, JetBrains, and millions of users worldwide. For more information, visit www.bell-sw.com.

Contact:
Kevin Wolf
TGPR
kevin@tgprllc.com


Legal Disclaimer:

EIN Presswire provides this news content "as is" without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.

Share us

on your social networks:
Facebook Facebook LinkedIn LinkedIn
AGPs

Get the latest news on this topic.

SIGN UP FOR FREE TODAY

No Thanks

By signing to this email alert, you
agree to our Terms & Conditions