Docker has launched Docker Hardened Images (DHI), a curated catalog of secure container images for enterprise environments. The solution offers minimal, continuously maintained images that meet strict security standards and is available immediately via Docker Hub.
Developed with security at its core, the new Hardened Images allow developers, security experts, and platform teams to scale securely without slowing down their workflows. They gain access to verified components that meet enterprises’ security and compliance requirements.
With over a decade of experience building developer tools and securing billions of image pulls per month on Docker Hub, the company sees DHI as a natural platform evolution. The new solution is built directly into workflows that teams already trust.
At launch, several partners, including GitLab, JFrog, Microsoft, Neo4j, Sysdig, and Wiz, are joining the Docker Hardened Images ecosystem.
Docker Hardened Images are built for the real-world needs of enterprise developers and the teams that support them. Whether you’re responsible for building, securing, or scaling applications, DHI promises to help you work faster with the right assurances.
Platform engineers get a scalable way to manage secure, compliant images with full control over policy and provenance. With hardened, ready-to-use images integrated into Docker Hub, application developers can focus on delivering code instead of chasing CVEs. Security engineers get consistent, verifiable artifacts that meet organization-wide security standards and simplify audits.
Secure by nature, flexible by design
Docker Hardened Images are designed to provide maximum security and compliance while remaining lightweight, fast, and customizable. Each image is built to eliminate vulnerabilities, with few to no exploitable CVEs and continuous scanning and updates, all built to meet SLSA Level 3 requirements.
The images are designed for minimal privileges and run as non-root by default to reduce risk in production. They are minimal in design, based on distroless principles that reduce the attack surface and improve startup time, with up to a 95 percent reduction in attack surface.
For compliance purposes, the images come with SBOMs, VEX statements, digital signatures, and SLSA Build Level 3 attestations for full provenance and transparency. They are available in multiple distros, including Alpine and Debian, to support different enterprise environments.
Docker Hardened Images is now available on Docker Hub.