Home
Guides
v3.0
Guides
Start typing to search…

Root Images Catalog

Root Image Catalog provides secure, continuously maintained container images that work as drop-in replacements for Docker Hub images. When you use Root images, you get the same functionality with zero Critical/High CVEs—automatically maintained and continuously updated.

What is Root Image Catalog?

Root Image Catalog is a collection of secure container images powered by Root's AVR Factory. These images are:

  • The same images you'd get from Docker Hub (Python, Node, Nginx, Redis, etc.)
  • With CVEs remediated — typically 2+ Critical and 15+ High reduced to zero
  • Continuously updated — when new CVEs are disclosed, Root patches them automatically
  • Drop-in replacements — same tags, same behavior, no code changes required

Who Should Use Root Image Catalog?

Root Image Catalog is for teams that:

  • Need secure base images without rebuilding their applications
  • Want continuous security maintenance without manual patching
  • Can't afford breaking changes from forced upgrades or migrations
  • Require compliance (FIPS, FedRAMP) and need verifiable security artifacts

Use Root Image Catalog when you need secure container images that work with your existing infrastructure and development workflows.

How Root Image Catalog Differs

vs. Official Images (Docker Hub)

Official Images:

  • Contain vulnerabilities (2+ Critical, 15+ High on average)
  • Require manual patching or upgrades
  • No SLA for vulnerability remediation
  • You're responsible for security maintenance

Root Image Catalog:

  • Zero Critical/High CVEs
  • Automatic patching via AVR Factory
  • SLA-backed remediation (critical CVEs patched within hours)
  • Continuous security maintenance included

vs. Other Secure Image Providers

Other Providers:

  • Rebuild from source (breaking changes)
  • Force migrations to vendor registries
  • Limited OS/version support
  • Require ecosystem changes

Root Image Catalog:

  • Patches existing images (no breaking changes)
  • Works with your existing registries
  • Universal OS/version support
  • Drop-in replacements—no ecosystem changes

Continuous Maintenance and SLAs

Root Image Catalog provides continuous security maintenance:

  • Automatic scanning - All images scanned continuously for new vulnerabilities
  • Automatic patching - When CVEs are detected, AVR Factory patches them automatically
  • SLA-backed remediation - Critical CVEs remediated within hours, not days or weeks
  • Same tags maintained - Updated images keep the same tags for seamless integration

This means you get ongoing security coverage without manual intervention. When a new CVE is discovered in an image you're using, Root patches it automatically and delivers the updated image with the same tag.

The Root Advantage

Root Image Catalog delivers secure images without the operational overhead:

  • No migrations - Use your existing registries and workflows
  • No breaking changes - Same tags, same behavior, same compatibility
  • No manual patching - Automatic remediation via AVR Factory
  • No vendor lock-in - Easy to onboard, easy to offboard

You get secure images that work with your existing stack, not a new stack you have to migrate to.


Updated 11 days ago