SIGHUP Secure Containers

Upstream base container images for your containerised applications that are both well-maintained and secured. With Secure Containers you will be able to access our dedicated catalogue of images, specifically designed to meet the best practices and security needs of organizations that rely on containerization for their production workloads.

Get in touch (1-month free trial)

Learn more

Continuous scanning and proactive maintenance

Keeping your containers secure and updated can be a daunting and time-consuming task.

We do recognize it can be difficult to stay on top of everything, and that's why we are here to help: our team of experts can take the burden of maintaining base images off your shoulders, while you concentrate on you core business.

Thanks to our mix of automated solutions and security specialists oversight, we can ensure your images are always up-to-date and secure.

Get weekly reports and updates on support status and new releases

As our container base images catalog is continuously maintained, we provide our users with updated vulnerability reports and a weekly summary of the most important changes and updates.

Our summaries include detailed descriptions of new releases and deprecations, as well as end-of-life and support reports, to help you plan your future updates.

Upstream, secured container images

Docker official images are a great starting point for your projects as they provide a convenient, well-documented, and well-tested base for your applications.

Unfortunately they are also a great starting point for attackers, as they are often based on outdated operating system packages that are known to contain security vulnerabilities.

SIGHUP Secure Containers give you the best of both worlds: a convenient starting point for your projects, and a secure base for your applications.

Best practices beyond security

Secure Containers are built with best practices in mind and include preconfigured observability exporters ready to be integrated with your monitoring tools, a comprehensive catalog of rootless and standard containers, an entire library of examples to speed up adoption by your teams.

Enterprise-grade support and maintenance

Our mission is to enable organizations of any size to adopt cloud native technologies. Secure Containers come with enterprise-grade support and a dedicated team of Kubernetes solutions engineers ready to help.

Features

Comprehensive Container catalogue and 1-month free trial: Secure Containers supports a comprehensive list of popular software stacks and open-source projects, with an evergrowing catalogue of supported container images based on Debian. You can start to use it today free of charge for 1 month.
Proactively patched against all known CVEs and vulnerabilities: Secure Containers are continuously scanned and proactively patched weekly against known vulnerabilities and CVEs.
Best of both worlds: innovation of OSS, security of Enterprise-grade: Get the flexibility and standardization of upstream container images, matched with the stability and security of enterprise-grade technology.
Notifications, support status and planned obsolescence: Get weekly security reports on the state of all containers and get a clear overview on support status and end-of-life of container images included in our catalogue so that your organization and teams will be able to plan for obsolescence.
Best-in-class Support and clear SLAs: Get access to our world-class engineering team to provide support on bugs, security issues and feature requests.
Secure Containers beyond Security: Secure Containers are not optimized just for security but they are also bundled with practical best-practices in mind. They include pre-configured observability exporters, multiple rootless versions and are both optimised for size and feature-richness.
Simple, predictable pricing: Our pricing is simple and predictable, with an annual fee based on actual yearly usage of our reserved registry.
Constantly improving: Our team is committed to providing the latest technology and software solutions, which will result in an expanding portfolio for our clients.

Supported Images

SIGHUP Secure Containers supports a comprehensive list of popular software stacks and open-source projects, with an ever-growing catalogue of supported container images, and we are constantly adding new images to our catalogue.

Dotnet Core	An open-source, cross-platform framework for building modern apps, supporting Windows, Linux and macOS, and optimized for cloud and microservices.
Elixir	A functional, concurrent programming language built on the Erlang VM. It is designed for building scalable, fault-tolerant systems and emphasizes developer productivity and code maintainability. It also has an elegant syntax, inspired by Ruby, and a powerful macro system.
Erlang	A language designed for building concurrent, distributed, and fault-tolerant systems, developed by Ericsson, used in various industries, with built-in garbage collector and lightweight processes for concurrency.
Gradle	A build automation tool for Java and JVM-based languages, using a Groovy-based DSL, customizable and extensible, with support for incremental builds for better performance.
Maven	A build automation tool for Java projects, using an XML file to manage dependencies, settings, and plugins, following a convention-over-configuration approach for easier and efficient builds.
OpenJDK	An open-source, free version of the Java SE Platform, compatible with the Oracle JDK, widely used, and maintained by the Java community, and supported by companies like Red Hat, IBM, and Oracle.
Tomcat	An open-source web server and servlet container for Java-based web apps, implementing Java Servlet, JSP, and EL specifications, providing "pure Java" HTTP environment, widely used and popular for building and deploying Java web apps.
Node.js	An open-source, cross-platform back-end JavaScript runtime, allowing developers to use JavaScript on the server-side for building fast, scalable, high-performance network apps using event-driven, non-blocking I/O model.
PHP	A server-side scripting language well-suited for web development, embedded in HTML, used with various web systems, frameworks, and popular for creating dynamic web pages, e-commerce sites, blogs, and content management systems.
Python	A high-level, interpreted language widely used for web development, scientific computing, data analysis, AI, with simple and easy-to-learn syntax, supporting multiple programming paradigms, with a large and active community providing a wealth of libraries and frameworks.

Datasheet

A short and concise document that describes the service, its features and benefits.

Download

Get in touch or request a free trial

FAQ

Can I try Secure Containers?

Yes, you can try Secure Containers free of charge for 1 month by reaching out via the above form. You will get full access to our registry and full catalog of supported images, as well to all security reports and weekly security updates. After 1 month, we will reach out and you will be able to choose to continue using the service or not.

How are these containers different from the Official images available on Docker Hub or Universal Images from RedHat?

Docker Official Images are supported by the community, as described on their documentation. This translates into no SLAs, no guaranteed fix, and no transparent engagement with upstream maintainers. For this reason, Docker Official Images provide no guarantee when running in production, depending entirely on the maintenance policies of the upstream community. While at SIGHUP we recognize the value of running upstream OSS images, we also know that critical workloads require a more careful approach to base images. Secure Containers start from upstream OSS images and further enhance their security by reducing vulnerability surface by continuously applying available patches for known CVEs and providing comprehensive security reports for full transparency. Secure Containers are fully supported, enterprise-ready Debian images; for a more in-depth comparison with RedHat Universal Base Images, feel free to reach out to us directly.

Do you provide rootless or distroless containers?

We build Secure Containers with two principles in mind: security and usability. Our supported images are available in multiple versions, providing both standard and rootless images. We do not currently support distroless images. While we monitor the work of Sigstore and TAG Security carefully, we feel they are not yet easily usable by most organizations as they take a radical approach to security.

How does the service works in practice?

If you decide to try or subscribe to Secure Containers (by getting in touch with our sales team), you will get access to our Secure Containers registry and portal. You will then be able to find our wiki containing security reports for all available images. You will also get weekly security dispatches with new releases, EOL, and critical CVEs as soon as they are available.

Do I need my own container registry to use the service?

You will need your container registry to use the service to redistribute our images. Currently, Secure Containers has been engineered so that you sync your registry with ours regularly. We do not limit pulls on our images or the number of users as we strive to make our Secure Containers as accessible as possible. If you integrate our registry directly with your build pipelines, we might rate-limit your container pulls.

How do I get support for using the images or if I encounter any issues?

We provide support through our support portal and you will be able to open support, bugs and feature requests. On top of that, we will provide you with a dedicated Account Executive who will be your point of contact for any questions or issues you may have.