Certified Container Images

Build and run containers with confidence.

Leverage secured images based on the leading tools to audit and analyze vulnerabilities. Increase exposure of flaws on zero thrust environments to ease the development lifecycle.

The Certified Images are provided with an extensive report of layers, exposures, enhancements and digital signatures to give you confidence to build over the Certified Images from SIGHUP.



Linted and secured images

Our base images are, reviewed extensively with state-of-the-art security tools to ensure a cohesive and secure environment for your application.

And provide security fixes automatically!

Extensive Reporting

Detailled report on each image

Every single detail is exposed in a complete report to undersand where you're running your application. With full disclosure of vulnerabilities and linting errors that could lead you to future problems


Complete Dockerfile and signatures

Each Certified Image comes with the complete stack of layers in the report, so you can know what's going on in a single central point of trust. We know that security is not optional anymore, so you can check consistency with the digital signatures of our images.

What we do:

Upstream Base Image

Digest SHA collect

We retrieve and track changes on the trunk base image


Collect possible edgecases errors and attack vectors

Check Vulnerabilities

Collect all problematic packages and vulnerabilities


Remove unneeded packages and upgrade required ones


Daily creation of a complete report with all the image layers, linting issues and the vulnerabilities involved in the image

Certify the image

What you do:

FROM <Base Image>

As complex as you want

Increase resilience and security even on multi-stage images to ensure reproducible builds

Add your application!

Setup and configure your application in the hardened base image