Pricing
Pricing
Pricing
Plans That Scale
Root gives you enterprise-grade protection without enterprise complexity or cost.
Root Image Catalog
Free
Zero vulnerabilities on latest builds
500+ continuously remediated images
Supports Alpine, Debian, Ubuntu · AMD64 & ARM64
Compliance artifacts (SBOM, Vex)
SLSA certified build infrastructure
Scanner support
Community support SLA
Root Image Catalog
Free
Zero vulnerabilities on latest builds
500+ continuously remediated images
Supports Alpine, Debian, Ubuntu · AMD64 & ARM64
Compliance artifacts (SBOM, Vex)
SLSA certified build infrastructure
Scanner support
Community support SLA
Root Image Catalog
Free
$9/month
Zero vulnerabilities on latest builds
500+ continuously remediated images
Supports Alpine, Debian, Ubuntu · AMD64 & ARM64
Compliance artifacts (SBOM, Vex)
SLSA certified build infrastructure
Scanner support
Community support SLA
Enterprise
Contact Us
$9/month
Access to the Root Image Catalog, plus...
Zero vulnerabilities across base + app layers
SLA-backed remediation (30-day / 7-day)
Custom image requests and private registry support
FIPS-ready builds · SOC 2 / FedRAMP aligned
Dedicated support and private registry delivery
Bundle RIC + Libraries
Enterprise
Contact Us
$9/month
Access to the Root Image Catalog, plus...
Zero vulnerabilities across base + app layers
SLA-backed remediation (30-day / 7-day)
Custom image requests and private registry support
FIPS-ready builds · SOC 2 / FedRAMP aligned
Dedicated support and private registry delivery
Bundle RIC + Libraries
Enterprise
Contact Us
$9/month
Access to the Root Image Catalog, plus...
Zero vulnerabilities across base + app layers
SLA-backed remediation (30-day / 7-day)
Custom image requests and private registry support
FIPS-ready builds · SOC 2 / FedRAMP aligned
Dedicated support and private registry delivery
Bundle RIC + Libraries
Root offerings
Root offerings
How to Get Started with Root
Features
Root Image Catalog
Enterprise
includes Root Image Catalog
Who is this for?
Developers, open-source users, and small teams
Startups to Enterprises
Image coverage
500+ latest builds
2,000+ images with full version history
Library remediation
Not included
1–25+ fixes/week (SLA-backed tiers)
SLA
Community SLA
30-day (Standard) / 7-day (Enhanced) + 72 h CISA KEV
Architecture
AMD64 & ARM64
AMD64 & ARM64 (dual-arch delivery)
Security proof
SBOM & VEX
Full audit chain — SBOM, VEX, attestation, provenance
Compliance
SBOM & VEX
SOC 2 · FedRAMP · FIPS-ready · provenance · attestation
Support
Community support
Dedicated CSM & private registry delivery
Pricing & discounts
Free
Startup and volume options available
Root offerings
Root offerings
How to Get Started with Root
Features
Root Image Catalog
Enterprise
includes Root Image Catalog
Who is this for?
Developers, open-source users, and small teams
Startups to Enterprises
Image coverage
500+ latest builds
2,000+ images with full version history
Library remediation
Not included
1–25+ fixes/week (SLA-backed tiers)
SLA
Community SLA
30-day (Standard) / 7-day (Enhanced) + 72 h CISA KEV
Architecture
AMD64 & ARM64
AMD64 & ARM64 (dual-arch delivery)
Security proof
SBOM & VEX
Full audit chain — SBOM, VEX, attestation, provenance
Compliance
SBOM & VEX
SOC 2 · FedRAMP · FIPS-ready · provenance · attestation
Support
Community support
Dedicated CSM & private registry delivery
Pricing & discounts
Free
Startup and volume options available
How to get started
Root offerings
How to Get Started with Root
Features
Root Image Catalog
Enterprise
includes Root Image Catalog
Who is this for?
Developers, open-source users, and small teams
Startups to Enterprises
Image coverage
500+ latest builds
2,000+ images with full version history
Library remediation
Not included
1–25+ fixes/week (SLA-backed tiers)
SLA
Community SLA
30-day (Standard) / 7-day (Enhanced) + 72 h CISA KEV
Architecture
AMD64 & ARM64
AMD64 & ARM64 (dual-arch delivery)
Security proof
SBOM & VEX
Full audit chain — SBOM, VEX, attestation, provenance
Compliance
SBOM & VEX
SOC 2 · FedRAMP · FIPS-ready · provenance · attestation
Support
Community support
Dedicated CSM & private registry delivery
Pricing & discounts
Free
Startup and volume options available
How to get started
FAQ
FAQ
FAQ
Frequently Asked Questions
Find quick answers to the most common questions about Root’s features, security, and setup.
What makes Root different from other security solutions?
Root fixes, not just scans. Unlike vendors that force upgrades or rebasing, Root patches vulnerabilities in place — across both base images and application dependencies — while preserving your existing versions and workflows. Every fix includes provenance, attestation, SBOM (CycloneDX), and VEX for full auditability
What container images does Root support?
Root supports all major Linux distributions and runtimes — Alpine, Debian, Ubuntu, Python, Node, Go, .NET, and more. The Root Image Catalog (RIC) continuously remediates over 2,000 base images from source with a 30-day Standard SLA (or 7-day Enhanced) and 180-second average fix time
How do I use or buy Root images?
Start free at images.root.io to pull from 500+ continuously remediated images, or choose a paid tier for enterprise coverage.
What's your SLA for vulnerability remediation?
30-day (Standard) or 7-day (Enhanced) for registries; Libraries deliver 1–25+ fixes/week, prioritized by severity.
Do you support enterprise compliance?
Yes. Every Root artifact includes attestation, provenance, SBOM (CycloneDX), VEX, and malware scans. Enhanced tiers add FIPS 140-2/3 compliance and SOC 2, FedRAMP, PCI DSS, and CMMC alignment.
Can I try before purchasing?
Yes. Browse 500+ zero-CVE images free, or request a Proof of Value to see Root remediate your own libraries within a week — complete with before/after CVE reports and full attestation proof.
What makes Root different from other security solutions?
Root fixes, not just scans. Unlike vendors that force upgrades or rebasing, Root patches vulnerabilities in place — across both base images and application dependencies — while preserving your existing versions and workflows. Every fix includes provenance, attestation, SBOM (CycloneDX), and VEX for full auditability
What container images does Root support?
Root supports all major Linux distributions and runtimes — Alpine, Debian, Ubuntu, Python, Node, Go, .NET, and more. The Root Image Catalog (RIC) continuously remediates over 2,000 base images from source with a 30-day Standard SLA (or 7-day Enhanced) and 180-second average fix time
How do I use or buy Root images?
Start free at images.root.io to pull from 500+ continuously remediated images, or choose a paid tier for enterprise coverage.
What's your SLA for vulnerability remediation?
30-day (Standard) or 7-day (Enhanced) for registries; Libraries deliver 1–25+ fixes/week, prioritized by severity.
Do you support enterprise compliance?
Yes. Every Root artifact includes attestation, provenance, SBOM (CycloneDX), VEX, and malware scans. Enhanced tiers add FIPS 140-2/3 compliance and SOC 2, FedRAMP, PCI DSS, and CMMC alignment.
Can I try before purchasing?
Yes. Browse 500+ zero-CVE images free, or request a Proof of Value to see Root remediate your own libraries within a week — complete with before/after CVE reports and full attestation proof.
What makes Root different from other security solutions?
Root fixes, not just scans. Unlike vendors that force upgrades or rebasing, Root patches vulnerabilities in place — across both base images and application dependencies — while preserving your existing versions and workflows. Every fix includes provenance, attestation, SBOM (CycloneDX), and VEX for full auditability
What container images does Root support?
Root supports all major Linux distributions and runtimes — Alpine, Debian, Ubuntu, Python, Node, Go, .NET, and more. The Root Image Catalog (RIC) continuously remediates over 2,000 base images from source with a 30-day Standard SLA (or 7-day Enhanced) and 180-second average fix time
How do I use or buy Root images?
Start free at images.root.io to pull from 500+ continuously remediated images, or choose a paid tier for enterprise coverage.
What's your SLA for vulnerability remediation?
30-day (Standard) or 7-day (Enhanced) for registries; Libraries deliver 1–25+ fixes/week, prioritized by severity.
Do you support enterprise compliance?
Yes. Every Root artifact includes attestation, provenance, SBOM (CycloneDX), VEX, and malware scans. Enhanced tiers add FIPS 140-2/3 compliance and SOC 2, FedRAMP, PCI DSS, and CMMC alignment.
Can I try before purchasing?
Yes. Browse 500+ zero-CVE images free, or request a Proof of Value to see Root remediate your own libraries within a week — complete with before/after CVE reports and full attestation proof.
