RapidFort and Nutanix have announced a strategic partnership to bring automated software supply chain security to the Nutanix Kubernetes Platform. The integration delivers continuously hardened container images and automated vulnerability remediation across data center, edge, and public cloud environments. The main advantage is extra time for developers to focus on getting software built rather than needing to firefight security problems.
The two companies made the announcement at KubeCon + CloudNativeCon in Amsterdam, taking place this week. RapidFort will integrate its end-to-end software supply chain security capabilities with the Nutanix Kubernetes Platform (NKP). This gives enterprises a way to harden their cloud-native workloads consistently, whether those run on-premises, at the edge, or in public cloud environments.
Supply chains are targeted by both attackers and, in response, IT vendors. Securing the immensely complex cloud-native ecosystem remains a major headache, one involving a mix of enterprise companies as well as volunteers. As much as Nutanix intends to expand its AI Factory initiative to make AI buildouts as easy as possible, security is needed from the get go to make such rollouts viable. The RapidFort partnership adds another security layer to this growing stack.
Hardened images and automated remediation
At the core of the integration are RapidFort’s curated near-zero CVE images. These replace standard container images with hardened equivalents that ship with a dramatically smaller attack surface. Rather than waiting for a vulnerability to be discovered and patched, the platform takes a proactive approach. They involve themselves in remediating artifacts with every release cycle, meaning end users can be kept safe at a greater pace than with regular images. Automated CVE lifecycle management means platform teams no longer have to chase patches manually across multiple environments.
“The Nutanix Kubernetes Platform meets the enterprise foundation team’s need to run Kubernetes consistently across datacenter, edge, and public cloud,” said George Manuelian, co-founder and CSO of RapidFort. “RapidFort complements NKP by continuously eliminating vulnerabilities and reducing attack surface in the workloads deployed into those environments—so customers can move faster while reducing risk and accelerating compliance.”
The integration also brings cryptographic proof of provenance to the software supply chain, ensuring the integrity of libraries from source to deployment. Only verified, hardened artifacts are permitted into production environments.
Available across all NKP tiers
The integrated solution will be available to all NKP customers regardless of subscription tier, whether they are Starter, Pro, or Ultimate. It is expected to reach general availability later in 2026. Compliance teams gain auditable controls in the process, which is particularly relevant for highly regulated sectors where Nutanix has been investing heavily in recent months.