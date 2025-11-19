Today’s IT leaders frequently face a critical trade-off between delivery speed and systems security. AI-assisted and -generated coding tools accelerate development cycles, but this speed can run counter to the realities of managing multi-faceted, complicated software components.

This seemingly leaves CIOs with two choices, moving at the speed of business while balancing potential production systems risks, or being overcautious to the point of losing to competitor’s innovations.

To address this dilemma Red Hat is launching Project Hummingbird, an early access program for subscription customers, that provides a catalog of minimal, hardened container images. Project Hummingbird is designed to help IT organizations address the constantly growing demand for better software with minimal attack surfaces, delivered more swiftly without compromising production security.

It offers tested, micro-sized container images stripped of non-essential components. By offering these leaner, production-ready images, Project Hummingbird intends to reduce the time and effort spent on package integration and vulnerability management, freeing up resources to focus on faster, more effective innovation.

It aims to provide ‘zero CVE’ status as images are shipped free of known vulnerabilities with functionality testing already completed, confirming that the images are also genuinely useful and stable. This is along with the minimal, hardened containers most requested by Red Hat customers, giving developers only what they truly need to create differentiated applications, along with a smaller attack surface. There’s also a complete software bill of materials (SBOM), enabling users to verify the contents of an image to help meet modern compliance requirements.

Gunnar Hellekson, vice president and general manager, Red Hat Enterprise Linux says, "The speed of business today depends on the speed of software. As supply chain attacks grow in prominence, organizations are often forced to choose between moving fast and maintaining security posture. Project Hummingbird is designed to remove that trade-off by providing a minimal, trusted, and transparent zero-CVE foundation for building cloud-native applications. This limits vulnerabilities so development and IT security teams have a clear, direct path to business value with speed, agility, security, and peace of mind."

You can find out more on the Red Hat site.

