@kaptain ・ Dec 22, 2025

Docker has launched Docker Hardened Images, a secure and minimal set of production-ready images. These images are now freely available to developers.
Docker Hardened Images (DHI) are secure, minimal, and production-ready images made freely available to developers. Docker's goal is to provide a secure foundation for software development and address the threat of supply-chain attacks.
DHI is compatible with open-source foundations like Alpine and Debian.
The initiative includes commercial offerings such as DHI Enterprise, which provides enhanced security features like FIPS-enabled and STIG-ready images, and SLA-backed critical CVE remediation within 7 days, catering to organizations with strict security or regulatory demands.
DHI offers a transparent approach by including a complete and verifiable Software Bill of Materials (SBOM) and using public CVE data for vulnerability assessment.
Companies like Adobe, Qualcomm, Attentive, and Octopus Deploy have adopted DHI for compliance and security.
Docker has introduced Docker Hardened Images (DHI), a collection of secure, minimal, and production-ready images available at no cost to developers. This release addresses the increasing threat of supply-chain attacks, which reportedly resulted in over $60 billion in damages in 2025. DHI provides a secure foundation for software development, with a focus on transparency and compatibility with open-source platforms such as Alpine and Debian. The images are designed to be minimal and secure and offer a complete and verifiable Software Bill of Materials (SBOM) and SLSA Build Level 3 provenance. Docker evaluates vulnerabilities using transparent public CVE data.
Developers have access to three DHI options: a free version, DHI Enterprise for organizations with specific security or regulatory requirements, and DHI Extended Lifecycle Support (ELS) for extended security coverage beyond upstream support. DHI Enterprise features include FIPS-enabled and STIG-ready images, compliance with CIS benchmarks, and SLA-backed remediations for critical CVEs within seven days. ELS provides up to five additional years of security coverage, maintaining continuous CVE patches and compliance.
Docker's approach includes a distroless runtime to reduce the attack surface while maintaining necessary tools, and the use of Docker's AI assistant to help migrate to secure images. The initiative is supported by a growing ecosystem of partners, including Google, MongoDB, and CNCF, who are integrating DHI into their platforms.
The damage caused by supply-chain attacks in 2025.
The increase in damage from supply-chain attacks since 2021.
The number of monthly pulls on Docker Hub.
The percentage of organizations relying on containers in their software delivery workflows.
The number of images and helm charts hardened since the launch in May 2025.
The number of developers in the container ecosystem with access to DHI.
The reduction in size of images with dramatically reduced CVEs.
The commitment period for critical CVE remediation offered by DHI Enterprise.
The roadmap target for critical CVE remediation by DHI Enterprise.
The additional years of security coverage provided by DHI Extended Lifecycle Support.
Developed and launched Docker Hardened Images to provide secure, minimal, and production-ready images for developers.
Adopted Docker Hardened Images to secure its operations and meet compliance requirements.
Utilizes Docker Hardened Images to enhance security and compliance in its operations.
Leverages Docker Hardened Images to accelerate compliance processes and expand business opportunities.
Uses Docker Hardened Images to improve compliance and security in its deployment processes.
A set of secure, minimal, and production-ready images made available to developers to address supply-chain attack threats.