In a move to bolster the security of software containers, Docker has announced the availability of its Hardened Images catalog to all users, including startups and small-to-medium businesses (SMBs). This catalog offers container images that have been verified to be free of known vulnerabilities, providing a practical and affordable solution for development teams to access secure software bundles.
Hardened Images are highly secure versions of regular Docker images, built from source code and continuously updated with upstream patches. These images eliminate the risk of known vulnerabilities, reduce the attack surface by up to 95%, and include support for Vulnerability Exploitability eXchange (VEX) to focus on the most critical security issues. Docker has also partnered with independent cybersecurity auditors to validate the security measures and ensure the images are appropriately signed, rootless by default, and free of high-severity breakout problems.
The Hardened Images catalog covers a wide range of applications, including artificial intelligence/machine learning, languages, databases, frameworks, and infrastructure tools. These images are compatible with Alpine and Debian Linux systems and can be easily integrated into existing workflows by modifying a single Dockerfile line. The move to make the Hardened Images catalog accessible to all users marks a significant step in elevating the overall security of the container ecosystem, empowering small businesses and startups to better protect their software deployments.