“Maintaining FedRAMP compliance has always been a massive burden. With echo, all of the heavy lifting has been alleviated. It’s a game changer.”
Dan Garcia, CISO
Frequently asked questions
Yes! echo images are officially recognized and scannable by all of the major scanners, including Trivy, Grype, Wiz, Orca, Anchore, and Mend – so you’ll see real results without having to change your existing tooling.
echo images deliver the same exact functionality as the open source versions, without the huge attack surface and inherited vulnerabilities. In addition, when you use open source you rely on community-based patches, whereas with echo images patches and vulnerability management SLAs are committed contractually.
echo images include all of the runtime frameworks and images for databases, storage, monitoring, networking apps, Kubernetes utilities and plugins. echo packages include all of the operating system essentials and common language-specific packages.
With echo images, there’s no need to chase engineers to fix vulnerabilities that pop up in scans because our images scan clean every time.
We price based on image consumption, to ensure it scales with how you actually build and ship software.