# www.echohq.com llms.txt > Delivering CVE-free container base images that wow your scanners. - [Build With CVE-free Images | echo](https://www.echohq.com): Build with vulnerability-free base images that won’t break your app. Automatically patched, hardened, and FIPS-ed for you. - [Container Security & Compliance Blog | echo](https://www.echohq.com/blog): Explore the latest trends and insights in container security and FedRAMP with echo's expert blog updates and resources. - [Get Your Quote | echo](https://www.echohq.com/pricing): Instead of pricing per image, we use a value-based approach that gives you full access to our entire portfolio of secure-by-design container images. - [Enterprise-grade Container Images | echo](https://www.echohq.com/product): Echo delivers secure, CVE-free container base images that auto-remediate vulnerabilities and streamline DevSecOps workflows. - [About Us | echo](https://www.echohq.com/about): Echo is on a mission to eliminate container vulnerabilities at the source with secure-by-design, CVE-free base images. - [Get a Demo | echo](https://www.echohq.com/get-a-demo): See how Echo's CVE-free base images can secure your containers, cut MTTR, and simplify vulnerability remediation. - [Image Pulling - Eliminate your CVEs](https://www.echohq.com/image-pulling): Deciding which container image or variant to pull? Browse through this guide to find out what images to use, when, how, and why. - [Alpine](https://www.echohq.com/tags/alpine) - [Base Images](https://www.echohq.com/tags/base-images) - [Code to Cloud](https://www.echohq.com/tags/code-to-cloud) - [Compliance](https://www.echohq.com/tags/compliance) - [Container scanning](https://www.echohq.com/tags/container-scanning) - [CVE blindspots](https://www.echohq.com/tags/cve-blindspots) - [CVE patching](https://www.echohq.com/tags/cve-patching) - [DevSecOps](https://www.echohq.com/tags/devsecops) - [Distroless](https://www.echohq.com/tags/distroless) - [FedRAMP](https://www.echohq.com/tags/fedramp) - [FIPS](https://www.echohq.com/tags/fips) - [NVD](https://www.echohq.com/tags/nvd) - [SBOM](https://www.echohq.com/tags/sbom) - [Security advisories](https://www.echohq.com/tags/security-advisories) - [Slim containers](https://www.echohq.com/tags/slim-containers) - [Trivy](https://www.echohq.com/tags/trivy) - [Upstream security](https://www.echohq.com/tags/upstream-security) - [Vulnerability feeds](https://www.echohq.com/tags/vulnerability-feeds) - [Vulnerability Management](https://www.echohq.com/tags/vulnerability-management) - [What is Automated Vulnerability Remediation? Benefits & Best Practices](https://www.echohq.com/blog/automated-vulnerability-remediation): Learn how automated vulnerability remediation works, its benefits for security teams, and best practices for implementation. - [Building Slim Containers: When Less is More – and When It Isn’t](https://www.echohq.com/blog/building-slim-containers): Discover the benefits and trade-offs of slim Docker containers, from performance gains to real-world compatibility challenges. - [Container Scanning Best Practices for 2025](https://www.echohq.com/blog/container-scanning-best-practices): Learn container scanning best practices, common vulnerabilities, automation tips, and top tools to secure images in 2025. - [Common Container Security Vulnerabilities: How to Detect & Fix](https://www.echohq.com/blog/container-security-vulnerabilities): Learn how to detect and fix container security vulnerabilities using scanners, secure base images, and automated remediation. - [The Fragile Triangle: Blindspots in Vulnerability Detection](https://www.echohq.com/blog/cve-blindspots): Container vulnerability detection relies on images, advisories, and scanners – but gaps in any layer can leave you exposed. - [How CVEs Vanish in Upstream Bug Trackers](https://www.echohq.com/blog/cves-vanish-in-upstream-bug-trackers): Some CVEs linger for years unresolved. Here’s why upstream bug tracking fails and what it means for your vulnerability scans. - [Zero-CVE foundations, visible in your CNAPP](https://www.echohq.com/blog/echo-orca-integration): Secure your cloud from the ground up. echo and Orca bring zero-CVE base images into view, right inside your CNAPP platform. - [Introducing: The echo-trivy integration](https://www.echohq.com/blog/echo-trivy-integration): Discover how the Echo-Trivy integration enhances security for your containerized applications with automated vulnerability scanning. - [Best ai agent for test generation](https://keploy.io): Generate unit, api, integration tests for backend using AI coding agent, keploy - [How to Build a Smarter Vulnerability Feed](https://www.echohq.com/blog/how-to-build-a-smarter-vulnerability-feed): Learn to build effective, tailored vulnerability feeds for real-time alerts, smarter defenses, and proactive security. - [The Fragility of the NVD & Its Impact on Vulnerability Intelligence](https://www.echohq.com/blog/nvd-vulnerability-intelligence-fragility): The NVD slowdown exposes risks in vulnerability intelligence, impacting security workflows and remediation strategies. - [The 0 CVE Problem: When Clean Scans Lie](https://www.echohq.com/blog/scanner-misreads): Discover why a 0 CVE scan may not mean your images are secure and how hidden risks can evade container vulnerability scanners. - [Vulnerability Management Dilemma: Visibility Without Control](https://www.echohq.com/blog/the-vulnerability-management-dilemma): Explore modern challenges and new AI solutions for vulnerability management in today's AI-powered and cloud-driven software world. - [What Are Customers Seeing When They Scan Your Images?](https://www.echohq.com/blog/what-are-customers-seeing-when-they-scan-your-images): See why container image scans reveal CVEs to your customers, and what steps you can take to reduce vulnerability findings and friction. - [What’s New with FedRAMP](https://www.echohq.com/blog/whats-new-with-fedramp): Stay updated on the latest FedRAMP news, changes, and improvements to enhance compliance and strengthen cloud security standards. - [echo Cookies Notice](https://www.echohq.com/legal/cookies-notice): Discover how Echo HQ uses cookies to enhance your experience and improve website performance. Learn more about our practices. - [echo Privacy Policy](https://www.echohq.com/legal/privacy-policy): Explore Echo HQ's Privacy Policy detailing how we collect, use, and protect your personal information. Transparency is key! - [echo Service Level Agreement](https://www.echohq.com/legal/sla): Review the Echo HQ Service Level Agreement outlining our commitment to service quality, reliability, and customer satisfaction. - [echo Terms of Use](https://www.echohq.com/legal/terms-of-use): Read Echo HQ's Terms of Use to understand the legal framework governing your access and use of our website and services. - [What Is Airflow Image? How To Use & Variants](https://www.echohq.com/image-pulling/airflow): Get instructions to pull and use the Airflow image securely, browse available tags, see usage examples, and access the full SBOM. - [What Is Apache Tomcat Image? How To Use & Variants](https://www.echohq.com/image-pulling/apache-tomcat): Get instructions to pull and run the Apache Tomcat image securely, view available tags, and access the full SBOM for validation. - [Argo CLI](https://www.echohq.com/image-pulling/argo-cli): Enables users to submit workflows, monitor execution, and manage templates directly from the terminal. - [argocd](https://www.echohq.com/image-pulling/argocd): Watches Git repositories for changes to Kubernetes manifests and automatically synchronizes them to the cluster. - [What Is Busybox Image? How To Use & Variants](https://www.echohq.com/image-pulling/busybox): Learn how to securely pull and run the BusyBox image, view usage instructions, available tags, and access the full SBOM. - [What Is Curl Image? How To Use & Variants](https://www.echohq.com/image-pulling/curl): Learn how to securely pull and use the curl image, view available tags, explore usage examples, and access the full SBOM. - [datadog-agent](https://www.echohq.com/image-pulling/datadog-agent): Collects system metrics, logs, traces, and events, and forwards them to the Datadog platform. - [What Is External Dns Image? How To Use & Variants](https://www.echohq.com/image-pulling/external-dns): Discover how to pull and use the External DNS image securely, with tag details, usage examples, and a complete SBOM. - [fluent-bit](https://www.echohq.com/image-pulling/fluent-bit): A lightweight and high-performance log processor and forwarder. - [What Is Kafka Image? How to Use & Variants](https://www.echohq.com/image-pulling/kafka): Learn how to securely pull and use Kafka container images, optimize performance, and ensure reproducible builds using trusted sources. - [Keycloak-fips](https://www.echohq.com/image-pulling/keycloak-fips): Supports single sign-on (SSO), OAuth2, OpenID Connect, SAML, LDAP integration, and user federation. - [kube-state-metrics](https://www.echohq.com/image-pulling/kube-state-metrics): Generate Prometheus metrics from Kubernetes state with kube-state-metrics, essential for monitoring cluster health and performance. - [MLflow](https://www.echohq.com/image-pulling/mlflow): Manage the entire machine learning lifecycle using MLflow, from tracking experiments to deploying models in production. - [What Is Nginx Image? How To Use & Variants](https://www.echohq.com/image-pulling/nginx): Find secure pull instructions for the NGINX image, explore available tags, usage examples, and access the complete SBOM. - [node](https://www.echohq.com/image-pulling/node): Enables server-side execution of JavaScript and powers modern web apps, CLIs, and backend services. - [NVIDIA-container-toolkit](https://www.echohq.com/image-pulling/nvidia-container-toolkit): Access NVIDIA GPUs within containers using the NVIDIA Container Toolkit, essential for AI/ML training and GPU workloads. - [OpenJDK](https://www.echohq.com/image-pulling/openjdk): Run and build Java applications seamlessly with the OpenJDK image, providing a reliable environment for all Java versions. - [Opentelemetry-collector-contrib](https://www.echohq.com/image-pulling/opentelemetry-collector-contrib): Utilize the OpenTelemetry Collector Contrib to process and export telemetry data from logs, metrics, and traces in your apps. - [Prometheus-adapter](https://www.echohq.com/image-pulling/prometheus-adapter): Exposes custom and external metrics from Prometheus. - [prometheus-alertmanager](https://www.echohq.com/image-pulling/prometheus-alertmanager): An image responsible for handling alerts sent by Prometheus servers. - [promethues](https://www.echohq.com/image-pulling/promethues): Collects time-series metrics from targets via a pull-based HTTP model and stores them in a custom TSDB. - [rabbitmq](https://www.echohq.com/image-pulling/rabbitmq): An open-source message broker that implements the Advanced Message Queuing Protocol (AMQP). - [Redis](https://www.echohq.com/image-pulling/redis): Deploy Redis in a container for high-performance data management, supporting various structures like strings, lists, and hashes. - [Semgrep](https://www.echohq.com/image-pulling/semgrep): Run customizable static code scans with Semgrep to identify bugs, security issues, and policy violations in your code. - [What Is Terraform Image? How To Use & Variants](https://www.echohq.com/image-pulling/terraform): Learn how to pull and run the Terraform image securely, including usage instructions, tags, and SBOM for verification. - [What Is Vault Image? How To Use & Variants](https://www.echohq.com/image-pulling/vault): Learn how to securely pull and run the Vault image, explore available tags, and access its complete SBOM for verification.