A catalogue of minimal-CVE base images, rebuilt from source in a verified factory pipeline, patched on a fast cadence, signed through sigstore, and shipped with SLSA L3 provenance and a bundled SBOM. Use them under whatever orchestrator you run.
Less in the image means less to patch. The factory ships you the smallest correct base for each runtime, with the provenance trail to prove it.
No shell, no package manager, no busybox — just the runtime and your application. The attack surface is a fraction of a typical base image. Debug variants exist for engineering work, never production.
Every image is built from upstream source in a hardened factory pipeline. No mystery binaries pulled from a registry of unknown provenance. Builds are reproducible, and each one is verified by comparing the factory output against an independent third-party rebuild.
When an upstream CVE drops, the factory rebuilds and re-tags affected images within hours, not days. Patch SLAs are published per-image and tracked against actual delivery — not the next quarterly refresh.
Every image and every attestation lands in the public sigstore transparency log. Verify the chain back to the source commit with cosign before admission, and reject unsigned images at the cluster boundary.
Each image ships with an in-toto attestation describing the source commit, the build platform, the dependencies pulled, and the signer identity. Compliance auditors stop asking and start verifying.
Pull from your registry of choice; run on EKS, GKE, AKS, OpenShift, or self-hosted Kubernetes. Nomad and ECS work fine. The image is just an image — no daemon, no agent, no lock-in.
Browse curated bases — Java runtimes, Node distributions, Python interpreters, Go scratch, Alpine alternatives, language-server bases — by language, framework, and posture requirement.
Each image is published with a semver tag and an immutable sha256 digest. Your deployment manifests pin both, so a tag rewrite cannot quietly change the bits you run.
Configure your admission controller (Kyverno, Connaisseur, or Sigstore policy controller) to require a valid signature and a matching SBOM. Unsigned images never reach a node.
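The verification described above, done as a CI-side gate before a manifest is applied, as an added example that is not the catalogue's or any vendor's tooling: it refuses any reference that is not pinned to both a tag and a full sha256 digest, then asks cosign to verify the keyless signature, the SLSA provenance attestation and the SBOM attestation against the signer identity and the public transparency log. The registry prefix, signer identity, OIDC issuer and the SPDX-JSON SBOM type are placeholders to replace with the values the publisher documents; the cluster-side admission policy enforces the same conditions for anything that bypasses CI.

```shell
#!/bin/sh
# Pre-admission image gate (added example; not the catalogue's own tooling).
# Placeholders: the registry prefix, the factory's signing identity and the OIDC
# issuer must be replaced with the values the image publisher documents.
REGISTRY_PREFIX="${REGISTRY_PREFIX:-registry.example.com/safeguard}"
SIGNER_IDENTITY="${SIGNER_IDENTITY:-https://github.com/example-org/image-factory/.github/workflows/release.yml@refs/heads/main}"
OIDC_ISSUER="${OIDC_ISSUER:-https://token.actions.githubusercontent.com}"

# require_pinned_ref REF
# Accepts only "<REGISTRY_PREFIX>/<name>:<tag>@sha256:<64 hex>". A tag alone can be
# rewritten in the registry; a digest alone is unreadable in review; so pin both.
require_pinned_ref() {
    ref="$1"
    case "$ref" in
        "$REGISTRY_PREFIX"/*) ;;
        *) echo "reject $ref: not under $REGISTRY_PREFIX" >&2; return 1 ;;
    esac
    case "$ref" in
        *@*) ;;
        *) echo "reject $ref: no digest" >&2; return 1 ;;
    esac
    digest="${ref##*@}"
    hex="${digest#sha256:}"
    if [ "$hex" = "$digest" ] || [ "${#hex}" -ne 64 ]; then
        echo "reject $ref: digest is not a full sha256" >&2; return 1
    fi
    case "$hex" in
        *[!0-9a-f]*) echo "reject $ref: digest is not lowercase hex" >&2; return 1 ;;
    esac
    last="${ref%@*}"; last="${last##*/}"
    case "$last" in
        *:*) ;;
        *) echo "reject $ref: no tag alongside the digest" >&2; return 1 ;;
    esac
    return 0
}

# verify_image REF
# Signature first, then the in-toto attestations. cosign checks Rekor inclusion by
# default, so a signature that never reached the transparency log fails here.
verify_image() {
    ref="$1"
    require_pinned_ref "$ref" || return 1
    cosign verify \
        --certificate-identity "$SIGNER_IDENTITY" \
        --certificate-oidc-issuer "$OIDC_ISSUER" \
        "$ref" >/dev/null || { echo "reject $ref: signature" >&2; return 1; }
    # SLSA provenance: source commit, build platform, resolved dependencies.
    cosign verify-attestation --type slsaprovenance \
        --certificate-identity "$SIGNER_IDENTITY" \
        --certificate-oidc-issuer "$OIDC_ISSUER" \
        "$ref" >/dev/null || { echo "reject $ref: no valid provenance" >&2; return 1; }
    # Bundled SBOM, attested by the same identity (SPDX JSON predicate assumed here).
    cosign verify-attestation --type spdxjson \
        --certificate-identity "$SIGNER_IDENTITY" \
        --certificate-oidc-issuer "$OIDC_ISSUER" \
        "$ref" >/dev/null || { echo "reject $ref: no valid SBOM attestation" >&2; return 1; }
    echo "admit $ref"
}

# Usage: ./gate.sh REF [REF...]; exits non-zero at the first rejected image.
for ref in "$@"; do
    verify_image "$ref" || exit 1
done
```

Run it over every image reference your pipeline is about to apply; a rejection there is cheaper than one from the admission webhook, and the two checks agree on what "verified" means.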
Subscribe to the images your fleet runs. When a patched version ships, your team is notified with the CVE delta and a one-line bump suggestion.
A scheduled job opens PRs that bump the pinned digest across your manifests. Tests run, traces are captured, a human reviews: the same loop as any dependency upgrade.
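The digest-bump step of that scheduled job, as an added example rather than the catalogue's own automation: it rewrites only references that are already pinned to tag and digest, refuses to bump to anything but a full sha256 digest, and lists any reference to the same image that is still unpinned so the reviewer sees it in the PR. The manifest layout, the image name and both digests are constructed for the example; committing and opening the PR (git, gh) is left to the job that calls these functions.

```shell
#!/bin/sh
# Scheduled digest bump across Kubernetes manifests (added example; not the
# catalogue's tooling). Only tag+digest pins are rewritten; a reference without a
# digest is reported, never silently upgraded.

# re_escape STRING: make a literal safe inside a basic regular expression.
re_escape() {
    printf '%s' "$1" | sed 's/[.]/\\./g'
}

# bump_pinned_image DIR IMAGE OLD_TAG NEW_TAG NEW_DIGEST
# Returns 0 when at least one manifest changed, 1 when nothing matched, 2 on bad input.
bump_pinned_image() {
    dir="$1"; image="$2"; old_tag="$3"; new_tag="$4"; new_digest="$5"
    hex="${new_digest#sha256:}"
    if [ "$hex" = "$new_digest" ] || [ "${#hex}" -ne 64 ]; then
        echo "refusing bump: '$new_digest' is not a full sha256 digest" >&2
        return 2
    fi
    img_re=$(re_escape "$image"); tag_re=$(re_escape "$old_tag")
    changed=0
    for f in $(find "$dir" -type f \( -name '*.yaml' -o -name '*.yml' \)); do
        # Touch only lines carrying the old tag together with a digest pin.
        if grep -q "$img_re:$tag_re@sha256:[0-9a-f]\{64\}" "$f"; then
            sed -i.bak "s#\($img_re\):$tag_re@sha256:[0-9a-f]\{64\}#\1:$new_tag@$new_digest#g" "$f"
            rm -f "$f.bak"
            changed=$((changed + 1))
            echo "bumped $f"
        fi
    done
    [ "$changed" -gt 0 ]
}

# find_unpinned DIR IMAGE: print every reference to IMAGE that lacks a full digest.
# Returns 0 when everything is pinned, 1 otherwise, so the job can fail the PR check.
find_unpinned() {
    dir="$1"; img_re=$(re_escape "$2")
    hits=$(grep -rn "$img_re[:@]" "$dir" | grep -v '@sha256:[0-9a-f]\{64\}' || true)
    if [ -n "$hits" ]; then
        printf 'unpinned references:\n%s\n' "$hits" >&2
        return 1
    fi
    return 0
}

# write_sample_manifest DIR: a constructed Deployment for trying the functions offline.
# One container is correctly pinned; the sidecar is tag-only and must be reported.
write_sample_manifest() {
    cat > "$1/deploy.yaml" <<'EOF'
apiVersion: apps/v1
kind: Deployment
metadata:
  name: app
spec:
  template:
    spec:
      containers:
        - name: app
          image: registry.example.com/safeguard/jre:17.0.9@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
        - name: sidecar
          image: registry.example.com/safeguard/jre:17.0.9
EOF
}

# Usage: ./bump.sh DIR IMAGE OLD_TAG NEW_TAG NEW_DIGEST
if [ "$#" -eq 5 ]; then
    bump_pinned_image "$@" && find_unpinned "$1" "$2"
fi
```

The job runs `bump_pinned_image` with the new tag and digest taken from the patch notification, then `find_unpinned` as the PR's status check; a tag-only reference left in the tree is exactly the case where a registry tag rewrite could change the bits you run, so it should block the merge rather than be auto-fixed.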
Safeguard Secure Containers exist for customers who want a single-vendor stack. The rest of the platform runs perfectly well against any base — minimal commercial distributions, AWS Bottlerocket, vendor-curated images, your own factory output. The scanner, the SBOMs, the gates, and the policy engine are base-image agnostic.
Browse the public image catalogue, pull a tag, and verify the signature against the transparency log. Two minutes; no account required.