Docker Introduces Hardened Images for Secure Software Development
Docker, Inc. has launched Docker Hardened Images (DHI), a curated set of security-hardened container images aimed at software supply chain security. The offering is relevant to IT leaders because it promises enhanced security controls without impeding developer productivity.
Product Overview
The Docker Hardened Images are designed with a focus on security, featuring streamlined architecture, ongoing maintenance, and adherence to enterprise compliance standards. These images can be accessed through Docker Hub, allowing development, security, and platform teams to operate securely while maintaining their existing workflows.
Industry Collaboration
DHI is supported by several partners, including Cloudsmith, GitLab, and Microsoft, who will contribute to the creation of secure images and the integration of scanning and compliance insights directly into users’ workflows. This collaborative approach underscores Docker's commitment to cultivating a robust ecosystem around the hardened container space.
Expert Insights
Michael Donovan, Docker's vice president of Product, emphasized that the responsibility for securing container dependencies does not lie solely with developers. He stated, “With Docker Hardened Images, we’re making it easier for teams to build with trusted and verified components that meet enterprise-grade security and compliance standards without adding friction to their workflow.” Steven Dickens from HyperFRAME Research noted the importance of DHI for software supply chain assurance, expressing confidence in Docker's approach to security and usability.
Key Features
Docker Hardened Images come with several features geared toward addressing the needs of enterprise developers:
- Platform Engineers can manage secure images with complete policy control.
- Application Developers can focus on coding without the burden of vulnerability management.
- Security Engineers gain consistent artifacts that align with security standards, simplifying audit processes.
- CISOs receive improved visibility into compliance across the supply chain.
Conclusion
Ultimately, Docker Hardened Images aim to balance maximum security and compliance with operational efficiency. The images are currently available on Docker Hub, a strategic enhancement for enterprises prioritizing secure application development.