About SecureBuild

SecureBuild helps open source projects deliver trusted, hardened container images with zero known vulnerabilities (0 CVEs), and get paid for it.

We work directly with the maintainers of popular OSS projects to produce high-integrity builds from source, track dependencies with full SBOMs, and proactively patch images as CVEs emerge. Enterprises get secure, stable software they can rely on. Maintainers receive 70% of direct image subscription revenue.

Built by the Team Behind Replicated

SecureBuild is a new initiative from Replicated, the platform trusted by leading commercial and open source vendors to distribute and support their enterprise software. Over the past decade, we have helped companies like HashiCorp, TravisCI, Knime, H2O.ai, and many others (replicated.com/customers) commercialize their software and grow sustainably.

Our leadership team has deep experience in cloud-native infrastructure, secure software delivery, and open source business models. We have seen what works and what doesn't when trying to scale security across both community and enterprise environments.

SecureBuild is built on top of the core Replicated technologies for building, securing, and distributing containerized applications to the most secure environments.

We started SecureBuild because we believe there is a better way. Open source maintainers should not have to choose between sustainability and security. Enterprises have shown they are willing to pay for high-assurance software. SecureBuild connects these two needs.

We believe that commercial success can strengthen the open source ecosystem without changing licenses or locking in users. By realigning incentives, we are building a system that rewards creators, satisfies enterprises, and improves supply chain security across the board.
