When you use a standard container image, you usually get a lot of extra software you didn't ask for. This extra software can bring along security bugs because it effectively increases the attack surface. Once bugs are present, you have to spend time looking at them, looking for resolutions, workarounds or just proving they don't matter. This takes time away from writing code.
This isn't just a minor frustration. According to the 2025 Stack Overflow Developer Survey, over 60% of developers say that security and compliance tasks are now a leading cause of burnout. By starting with a cleaner image, we help you remove the tasks that prevent you from focusing on your core work.
This week Red Hat announced Red Hat Hardened Images, small containers that incorporate a minimal set of files for delivering purpose-built applications . Red Hat removed the extra tools so that software developers and IT staff have less to maintain.
For developers who just want to ship code, here are the five benefits of moving to a hardened foundation.
1. Fewer security alerts
The primary challenge in security today isn't finding bugs; it is the time spent fixing them. Recent industry publications suggest the biggest bottleneck for teams is remediation toil.
By using a minimal, distroless design, Red Hat Hardened Images physically remove nonessential software, such as shells and package managers, that often cause these alerts. This removes the source of the noise—rather than merely hiding it—so you can focus on the code that runs your business.
2. Verifiable supply chain trust
With the rise of AI-assisted development, knowing exactly what is in your container is more critical than ever. Industry analysts predict that by 2027, 30% of application vulnerabilities will be caused by vibe coding—code generated using AI without a full understanding of the underlying code. Our built-in Software Bill of Materials (SBOM) provides the transparent inventory you need to verify your AI-assisted projects aren't hiding a liability.
3. Better performance with smaller image footprints
Because these images are smaller, they are faster. For example, the standard Red Hat Universal Base Image (UBI) 9 Python container image has a footprint of more than 1 GB. The Red Hat Hardened Images Python container image is 113 MB. The image uses approximately 10% of the space on your system and moves across the network faster during deployment. This might not seem significant for a single container, but the saved time and space add up quickly when you run hundreds of containers or operate a busy CI/CD environment.
4. Ready-to-run images for your favorite tools
You don't have to build these hardened images from scratch. Red Hat offers a growing selection of ready-to-run images for common developer tools. You can find these in the Red Hat Hardened Images catalog:
Languages and runtimes: We provide a wide range of programming languages and runtimes, from ASP.NET to Rust.
Developer tools: These include tools for development and testing, such as
curlandjq(a tool for processing JSON data).Web services: These include web servers, application servers, and proxies such as Caddy, HAProxy, NGINX, and Apache Tomcat.
Databases and data management: These include containerized, SQL-compliant databases like MariaDB and PostgreSQL, as well as key-value stores such as Memcached and Valkey.
Networking: These include tools like
digand Unbound for troubleshooting DNS issues.Operating system: This is a core runtime for statically and dynamically linked applications based on a minimal glibc runtime.
Security: These include tools like OpenSCAP for compliance and vulnerability management.
These images are updated frequently to ensure they remain secure and compatible with the latest versions of your favorite languages.
5. Tested by Red Hat
Red Hat does more than provide small images; we make sure they work. We track where the code comes from and test it to make sure it is stable. If a new bug is found in the foundation, we provide a fix quickly. You get a clean start without having to do the hard work of building and testing the base layer yourself.
Start building with Red Hat Hardened Images
Red Hat Hardened Images take a different approach from traditional Linux-based containers by providing a verified, minimal foundation. The ultimate goal is more time to innovate, achieved by significantly reducing CVEs and maintenance toil.
Access the growing catalog of no-cost, trusted components at images.redhat.com.
