Hardened base images. Built from source. Signed end-to-end.
A catalogue of minimal-CVE base images, rebuilt from source in a verified factory pipeline, patched on a fast cadence, signed through Sigstore, and shipped with SLSA L3 provenance and a bundled SBOM. Use them under whatever orchestrator you run.
A smaller base. A smaller attack surface.
Less in the image means less to patch. The factory ships you the smallest correct base for each runtime, with the provenance trail to prove it.
Distroless-style minimal images
No shell, no package manager, no busybox — just the runtime and your application. The attack surface is a fraction of a typical base image. Debug variants exist for engineering work, never production.
Built from source in a verified factory
Every image is built from upstream source in a hardened factory pipeline; no mystery binaries pulled from a registry of unknown provenance. Builds are reproducible: the factory's output is compared against an independent third-party rebuild, so a compromised factory cannot silently substitute different bits.
Fast patch cadence
When an upstream CVE drops, the factory rebuilds and re-tags affected images within hours, not days. Patch SLAs are published per-image and tracked against actual delivery — not the next quarterly refresh.
Signed with Sigstore
Every image signature and every attestation is recorded in the public Sigstore transparency log (Rekor). Verify the chain back to the source commit with cosign before admission, pinning the expected signer identity and OIDC issuer rather than accepting any valid certificate, and reject unsigned images at the cluster boundary.
SLSA L3 provenance bundled
Each image ships with an in-toto attestation that records the source commit, the build platform, and the dependencies pulled, bound to the signer identity of the factory. Compliance auditors stop asking and start verifying.
Use with any orchestrator
Pull from your registry of choice; run on EKS, GKE, AKS, OpenShift, or self-hosted Kubernetes. Nomad and ECS work fine. The image is just an image — no daemon, no agent, no lock-in.
Pick, pin, verify, roll forward.
Pick the base from the catalogue
Browse curated bases — Java runtimes, Node distributions, Python interpreters, Go scratch, Alpine alternatives, language-server bases — by language, framework, and posture requirement.
Pin a tag and a digest
Each image is published with a semver tag and an immutable sha256 digest. Your deployment manifests pin both (repo:tag@sha256:digest): the runtime pulls by digest, so a tag rewrite cannot quietly change the bits you run, while the tag stays in the manifest for humans and for diffs.
Verify on admission
Configure your admission controller (Kyverno, Connaisseur, or the Sigstore policy controller) to require a signature from the factory's identity and an SBOM or provenance attestation bound to the same digest. Unsigned images never reach a node.
Receive patch notifications
Subscribe to the images your fleet runs. When a patched version is published, your team is notified with the CVE delta and a one-line bump suggestion.
Roll forward on a schedule
A scheduled job opens PRs that bump the pinned digest across your manifests. Tests run, traces are captured, and a human reviews: the same loop as any dependency upgrade.
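The pin, verify and roll-forward steps above, together with the cosign verification described under "Signed with Sigstore" and "SLSA L3 provenance bundled", as one script. This is an added example, not the catalogue's own tooling: the factory signing identity and OIDC issuer, the registry paths, the digests in the constructed test manifest, and the use of the SLSA v1 predicate type are all assumptions; substitute the values your factory publishes.

```shell
#!/bin/sh
# Added example (not the catalogue's tooling): pin, verify, and roll forward
# digest-pinned base images. Identities, registries and digests below are
# assumptions; replace them with the values your factory publishes.
set -eu

# Identity the factory's keyless signing certificate must carry (assumed values).
FACTORY_IDENTITY="${FACTORY_IDENTITY:-https://github.com/example-org/image-factory/.github/workflows/build.yml@refs/heads/main}"
FACTORY_ISSUER="${FACTORY_ISSUER:-https://token.actions.githubusercontent.com}"

# assert_pinned REF
# Succeeds only if REF carries both a tag and a full sha256 digest, e.g.
#   registry.example.com/base/python:3.12.4@sha256:<64 hex>
# The runtime pulls by digest; the tag is kept for humans and for diffs.
assert_pinned() {
  printf '%s\n' "$1" | grep -Eq '^[A-Za-z0-9._:/-]+:[A-Za-z0-9._-]+@sha256:[0-9a-f]{64}$'
}

# digest_of REF
# Prints the sha256 digest of a pinned reference; fails if there is none.
digest_of() {
  case "$1" in
    *@sha256:*) printf '%s\n' "${1##*@sha256:}" ;;
    *) return 1 ;;
  esac
}

# verify_ref REF
# Keyless cosign verification of the signature against the public transparency
# log, then of the SLSA provenance attestation; prints the source commit the
# provenance records. Needs cosign >= 2.0, jq and network access, so it is not
# exercised offline. Pinning identity and issuer is what stops "any valid
# certificate" from passing.
verify_ref() {
  ref="$1"
  assert_pinned "$ref" || { echo "refuse: $ref is not pinned by digest" >&2; return 1; }
  cosign verify \
    --certificate-identity "$FACTORY_IDENTITY" \
    --certificate-oidc-issuer "$FACTORY_ISSUER" \
    "$ref" >/dev/null
  cosign verify-attestation \
    --type https://slsa.dev/provenance/v1 \
    --certificate-identity "$FACTORY_IDENTITY" \
    --certificate-oidc-issuer "$FACTORY_ISSUER" \
    "$ref" \
  | jq -r '.payload | @base64d | fromjson
           | .predicate.buildDefinition.resolvedDependencies[]?
           | select(.uri | startswith("git+")) | .digest.gitCommit' \
  | head -n 1
}

# bump_digest MANIFEST REPO NEW_TAG NEW_DIGEST
# Prints MANIFEST with every pinned reference to REPO rewritten to the new
# tag@digest. References that are not already pinned are left untouched, so a
# stray unpinned line is surfaced in review instead of being silently "fixed".
bump_digest() {
  manifest="$1"; repo="$2"; new_tag="$3"; new_digest="$4"
  printf '%s\n' "$new_digest" | grep -Eq '^[0-9a-f]{64}$' \
    || { echo "refuse: $new_digest is not a sha256 digest" >&2; return 1; }
  repo_re=$(printf '%s' "$repo" | sed 's/[.[*^$]/\\&/g')
  sed -E "s#(image:[[:space:]]*[\"']?)${repo_re}:[A-Za-z0-9._-]+@sha256:[0-9a-f]{64}#\\1${repo}:${new_tag}@sha256:${new_digest}#g" "$manifest"
}

# roll_forward MANIFEST REPO NEW_TAG NEW_DIGEST
# The scheduled-job step: verify the new image before touching any manifest,
# then rewrite it in place. Open the PR from the resulting diff as usual.
roll_forward() {
  new_ref="$2:$3@sha256:$4"
  commit=$(verify_ref "$new_ref")
  echo "verified $new_ref, built from commit $commit" >&2
  bump_digest "$1" "$2" "$3" "$4" > "$1.new" && mv "$1.new" "$1"
}
```

The identity and issuer pair in `verify_ref` is the same pair the admission controller's keyless attestor should require, so the bump job and the cluster gate enforce one policy; a digest that the job could not verify never reaches a manifest, and one that slips through is still refused at admission.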
Use ours, theirs, or both.
Safeguard Secure Containers exist for customers who want a single-vendor stack. The rest of the platform runs perfectly well against any base — minimal commercial distributions, AWS Bottlerocket, vendor-curated images, your own factory output. The scanner, the SBOMs, the gates, and the policy engine are base-image agnostic.
See the catalogue, test the SLA.
Browse the public image catalogue, pull a tag, and verify the signature against the transparency log. Two minutes; no account required.