Chainguard Free Images vs. Minimus Community: Side-by-Side Comparison

By
Yael Nardi
July 9, 2026

Key takeaways

  • Chainguard and Minimus both publish purpose-built hardened images. Their free tiers diverge most on scope and on what happens when you outgrow free.
  • Chainguard Catalog Starter (free, in beta as of March 2026) gives you five fixed images from the full catalog, restricted to corporate email, and explicitly excludes Chainguard's CVE remediation SLA.
  • Minimus Community gives free self-service access to hundreds of hardened images, built-in compliance capabilities, secure Helm charts, and signed SBOMs per image version.
  • The pricing cliff differs on each side: Chainguard’s five-image cap jumps to paid Catalog pricing that starts at $19,000 for a team of 10, while Minimus Community includes compliance capabilities that Chainguard reserves for paid tiers. Contractual SLAs and support remain paid offerings on both platforms.

Picking a free hardened-image source in 2026 comes down to one question: how far does free actually get you before you hit a wall? Chainguard Catalog Starter gives you five hand-picked images with no contractual remediation SLA. Minimus Community gives you self-service access to hundreds of images, Helm charts, signed SBOMs, and compliance capabilities that are available in both Community and Enterprise tiers. Both ship the same artifacts their paying customers use, so the real decision is about breadth, measurement, and cost at scale.

The short answer: choose Minimus Community if you want to evaluate many images at once and keep your options open; choose Chainguard Catalog Starter if you have settled on a small, fixed set of images and want Chainguard's specific catalog. 

Minimus Community offers self-service access to hundreds of hardened images, secure Helm charts, signed SBOMs, and built-in compliance capabilities with no per-image cap stated at signup. Chainguard Catalog Starter caps you at five images that cannot be changed for the life of the free plan, per Chainguard Academy (June 2026).

Chainguard's strength is catalog depth. Its factory powers more than 2,200 open source projects and roughly 400,000 architecture-specific image versions as of its March 2026 announcement, and Catalog Starter draws from that full catalog. If the five images you need are obscure, Chainguard is more likely to already have them. Neither free tier, however, carries a contractual CVE remediation SLA.

This comparison covers what each free tier includes, how each vendor measures and reports vulnerabilities, where the compliance line sits, and the exact moment free runs out. Every competitor figure here is dated to June 2026 and cited to Chainguard's live pricing and documentation, because terms in this category change fast. Where Chainguard is genuinely strong, the piece says so.

For the full product-level breakdown beyond the free tiers, the Minimus vs. Chainguard comparison page carries the complete feature matrix.

Chainguard Starter: what is included

Chainguard Catalog Starter is a standalone free plan that lets a team run five Chainguard container images in production at no cost. It launched in beta on March 17, 2026, and is separate from Chainguard's paid Catalog and per-image subscriptions, per the Chainguard Catalog Starter documentation (accessed June 2026).

The plan includes specific, verifiable terms:

  • Five non-FIPS images of your choice from the full catalog, spanning base, application, and AI/ML images, including all supported versions.
  • The same hardened, continuously rebuilt artifacts that paying customers receive, built in SLSA Level 3 infrastructure with Sigstore-signed SBOMs.
  • Helm charts that depend on your chosen images, which count toward the five-image limit.
  • Unlimited pulls with no metering.

The exclusions matter more than the inclusions for an advanced buyer. Catalog Starter is explicitly not covered by Chainguard's CVE remediation SLA, per Chainguard's CVE policy (June 2026). The five images are fixed and cannot be swapped for the life of the plan. FIPS-validated images, STIG hardening, EOL Grace Period images, Custom Assembly, and Commercial Builds are all excluded. Sign-ups are limited to corporate email domains, there is no user management or RBAC, and there is no access to support tickets, root cause analysis, or phone escalation. For the broader set of Chainguard-style providers, see Chainguard alternatives for hardened image providers.

Minimus Community: what is included

Minimus Community is the free self-service tier that gives developers access to Minimus hardened images without a sales conversation. Signing up provides access to hundreds of secure, minimal container images hardened to CIS and NIST standards, built-in compliance capabilities, and secure Helm charts.

Every Minimus image ships with a cryptographically signed SBOM for each versioned digest, generated and signed during the build and verifiable with Cosign. Images are continuously rebuilt from upstream source as dependencies change, which is the same build approach behind Minimus's commercial images. The Minimus platform overview describes how the gallery, builds, and registry fit together.

What the free Community tier does not guarantee is the contractual support and remediation layer. Community includes FedRAMP-ready images with FIPS, STIG, CIS, and NIST provable compliance. Enterprise adds contractual remediation SLAs, dedicated support, and other commercial capabilities. Qualified open source maintainers are a separate case: the Minimus Open Source Program grants them free access to thousands of hardened images, including FedRAMP and FIPS 140-3-ready images and compliance reporting, in exchange for project qualification. 

Image coverage: how many images, and which ones matter

Coverage is where the two free tiers differ most sharply. Minimus Community exposes the full breadth of the Minimus gallery, hundreds of hardened images, with no documented five-image cap at signup. Chainguard Catalog Starter draws from a larger total catalog but restricts you to five fixed selections. The question is not who has more images overall; it is how many you can actually use for free.

Coverage dimension Chainguard Catalog Starter Minimus Community
Images usable for free 5 fixed, non-FIPS, cannot be swapped Hundreds, self-service
Total catalog drawn from 2,200+ projects (March 2026) Hundreds of hardened images
Common runtime (nginx) Counts as 1 of 5 Included in gallery access
Common datastore (postgres) Counts as 1 of 5 Included in gallery access
Common language (python) Counts as 1 of 5 Included in gallery access
Custom image builds Not in free plan Not in free plan

The practical implication: a typical web stack of nginx, postgres, python, plus an ingress controller and a cache already exhausts Chainguard Catalog Starter's five-image budget, with the chosen set frozen afterward. Definitions for the terms used here live in the Minimus image glossary. For teams comparing free hardened images against a public registry instead of a second vendor, the Docker Hardened Images alternatives breakdown covers that axis.

Vulnerability reduction: how each vendor measures and reports

The two vendors reduce vulnerabilities the same way, by building minimal images from source so fewer packages ship, but they measure and report the result differently. Minimus states its images help teams avoid over 97% of container CVEs versus standard public equivalents and pairs that with VEX data and exploit intelligence. Chainguard frames its result around continuous rebuilds and its CVE remediation posture, backed by build-time SBOMs and security advisory feeds.

The measurement distinction is the part that affects an audit. Minimus generates a signed SBOM per image version and publishes VEX to mark vulnerabilities that are present but not exploitable, then layers real-time exploit intelligence using EPSS and the CISA KEV catalog so teams can rank residual CVEs by actual exploitation rather than CVSS base score alone. That reporting model is detailed on the Minimus zero-CVEs page.

Chainguard's reporting strength is its SLA on paid tiers: a contractual seven days for critical and 14 days for high, medium, and low severity, per chainguard.dev/pricing (June 2026). That SLA is the measurable backbone of its reporting, but it does not apply to Catalog Starter images. So on the free tiers, both vendors report a low residual CVE count, and neither attaches a contractual remediation deadline to those numbers. Read free-tier CVE claims as a snapshot, not a commitment.

Compliance: CIS, NIST, STIG — what each platform covers

Compliance is one of the clearest differences between the two free offerings. Both provide hardened images and signed SBOMs, but Minimus Community also includes compliance capabilities that are available across both Community and Enterprise tiers.

The relevant frameworks are concrete. The CIS Docker and Kubernetes Benchmarks define configuration hardening; NIST SP 800-190, the application container security guide, calls for tracking and managing the software components inside container images, which a signed SBOM supports; and DISA Security Technical Implementation Guides (STIGs) define the OS-level lockdown required for many federal workloads.

Compliance element Chainguard free (Catalog Starter) Minimus free (Community)
CIS / NIST-aligned hardening Yes Yes
Signed SBOM per image Yes Yes
FIPS 140-3-validated images No, paid only Yes
STIG-hardened variants No, paid only Yes
Compliance dashboards No, paid only Yes

Chainguard’s STIG-hardened and FIPS-validated images require a paid plan, per Chainguard Academy (June 2026). Minimus Community includes FedRAMP-ready images with FIPS, STIG, CIS, and NIST provable compliance across both Community and Enterprise tiers. For teams evaluating free hardened-image offerings, compliance coverage is therefore a more significant differentiator between the two platforms than image hardening alone.

Developer experience: pull commands, auth, and friction

Day-to-day friction is similar but not identical. Both vendors require authentication to their registry, support pull-through to third-party registries like JFrog Artifactory, and integrate with standard scanners. The difference is in onboarding and account flexibility.

Minimus images include signed SBOMs and provenance information that can be independently verified with Cosign. Verification steps are documented in the Minimus documentation. Community is designed for self-service access without the registration requirements that apply to Chainguard Catalog Starter.

Chainguard Catalog Starter requires a corporate email domain to sign up, assigns users a limited role that can pull images and create pull tokens but cannot invite other users, and offers no user management or RBAC on the free plan. In practice, that means a Catalog Starter organization is awkward to share across a team without involving Chainguard to add each user. For a quick proof of concept it is fine; for a growing team it adds coordination overhead that the Minimus self-service flow avoids.

Pricing cliff: what happens when free is not enough

This is the section that decides most evaluations. On Chainguard, the cliff is sharp and well-documented. Once you need a sixth image, a FIPS variant, an SLA, or RBAC, you move off Catalog Starter entirely, and the free five-image entitlement does not stack onto a paid plan. Chainguard's paid Catalog pricing starts at $19,000 for a team of 10, or you license per image at Enterprise pricing, per chainguard.dev/pricing (June 2026).

At the ceiling Chainguard Minimus
Free limit 5 fixed images, no SLA Hundreds of images, self-service
First paid step Catalog from $19K / team of 10, or per-image Enterprise (contact sales)
Free stacks onto paid? No, you move off the free plan Community access remains the on-ramp
Unlocks at paid SLA, FIPS, STIG, Custom Assembly, support SLA, dedicated support, and other commercial capabilities

Minimus’s cliff is shaped differently. Community access is broad and self-service, so the wall is less about image count and more about contractual guarantees and support. Community already includes a broad set of compliance capabilities, including FedRAMP-ready images with FIPS, STIG, CIS, and NIST provable compliance. Enterprise adds paid capabilities such as contractual remediation SLAs and dedicated support. Minimus Enterprise pricing is quoted through sales rather than published, which is a fair limitation to note. The takeaway is that both vendors provide hardened images for free, but the upgrade triggers differ significantly.

Which one to use and when

Use Minimus Community when you want to evaluate broadly, run hundreds of hardened images without a per-image budget, and take advantage of its built-in compliance capabilities. The self-service flow and lack of a hard image cap make it the better default for a team that is still mapping its image needs.

Use Chainguard Catalog Starter when you have already narrowed to five or fewer images, value Chainguard's specific catalog depth, and only need a free production pilot rather than a contractual SLA. Chainguard's catalog breadth is real, and for a tightly scoped set it is a credible free option.

Compliance is one of the biggest differences between the two free offerings. Minimus Community includes FedRAMP-ready images with FIPS, STIG, CIS, and NIST provable compliance, while Chainguard reserves comparable compliance-focused capabilities for paid plans. Teams that need contractual remediation SLAs or dedicated support should evaluate the paid tiers directly.

For the complete head-to-head beyond free tiers, start with the Minimus vs. Chainguard page, then sign up at Minimus Get started to pull a hardened image and verify its SBOM yourself.

Frequently asked questions: Chainguard vs. Minimus

Is Chainguard Catalog Starter really free for production use?

Yes. Chainguard Catalog Starter lets teams run five chosen images in production at no cost, using the same artifacts paying customers receive, per Chainguard Academy (June 2026). The catch is that those five images are fixed for the life of the plan and are not covered by Chainguard's CVE remediation SLA.

Does Minimus Community include FIPS 140-3 or STIG images?

Yes. Minimus Community includes FedRAMP-ready images with FIPS, STIG, CIS, and NIST provable compliance. These compliance capabilities are available across both Community and Enterprise tiers. Enterprise adds contractual SLAs, support, and other paid capabilities.

What is the real pricing cliff with Chainguard's free tier?

Catalog Starter caps you at five fixed images with no SLA. Moving beyond that means a paid plan: Catalog pricing starts at $19,000 for a team of 10, or per-image Enterprise pricing, per chainguard.dev/pricing (June 2026). The free five-image entitlement does not carry over to a paid subscription.

Can I get locked in or stuck migrating between these vendors?

Both ship standard OCI images you pull from a registry or mirror to your own, so the images themselves are portable. The lock-in risk is operational: Chainguard's frozen five-image selection and lack of RBAC on the free plan make team-scale changes harder, while contractual SLAs, support agreements, and other Enterprise services can create switching cost once teams become dependent on them.

Which free tier is better for air-gapped environments?

Minimus Community supports pulling images from your own self-hosted registry, including fully air-gapped environments, per minimus.io (June 2026). Chainguard supports pull-through to third-party registries on its free plan but adds corporate-email and user-management restrictions that complicate disconnected, multi-user setups.

To pull a hardened image and verify its signed SBOM in your own pipeline, sign up at Minimus Get started or read the verification steps in the Minimus documentation.

Yael Nardi
CBO
Sign up for minimus

Avoid over 97% of container CVEs

Access hundreds of hardened images, secure Helm charts, the Minimus custom image builder, and more.