
The Docker team has announced unlimited access to its catalog of hardened container images, a move aimed at making affordable, secure software bundles available to every development team, including those at startups and SMBs.
Starting today, container images verified to be free of known vulnerabilities (near-zero CVEs) are available to all users through a subscription, with a 30-day free trial.
“We’re introducing unlimited access to the Docker Hardened Image Catalog, making near-zero CVEs a practical reality for every team at an affordable price,” reads the announcement.
“With a single Hardened Images subscription, every team can access the full catalog: unlimited, secure, and always up to date.”
Docker is a widely used platform that lets developers package applications and their dependencies into “containers”, enabling consistent, repeatable deployment across different environments.
Container images are templates that contain all the necessary code, runtime, libraries, and system tools to run an application.
Low security risk
Hardened images are high-security versions of regular Docker images that eliminate the risk of known vulnerabilities because they are built from source, receive continuous upstream patches, and leave out nonessential components.
Each hardened image also ships with Vulnerability Exploitability eXchange (VEX) data, which states which reported CVEs actually affect the image, so teams can focus on the security issues that really count.
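To show how VEX data narrows a scanner's output to the issues that matter, here is an added example (not code from Docker or the announcement) that applies a VEX document to a list of scan findings. It assumes the OpenVEX JSON shape for the VEX document; the findings, package URLs and CVE identifiers are constructed placeholders, not real data.

```python
import json

# Constructed sample findings, as a scanner might report them for one image (not real CVEs).
SCAN_FINDINGS = [
    {"cve": "CVE-0000-0001", "purl": "pkg:deb/debian/libfoo@1.2.3", "severity": "HIGH"},
    {"cve": "CVE-0000-0002", "purl": "pkg:deb/debian/libbar@4.5.6", "severity": "CRITICAL"},
    {"cve": "CVE-0000-0003", "purl": "pkg:deb/debian/libbaz@7.8.9", "severity": "MEDIUM"},
]

# Constructed VEX document in the (assumed) OpenVEX JSON shape. The second statement
# lacks the justification OpenVEX requires for "not_affected", so it must not suppress anything.
VEX_DOCUMENT = json.dumps({
    "@context": "https://openvex.dev/ns/v0.2.0",
    "@id": "https://example.invalid/vex/sample-1",
    "author": "constructed example",
    "timestamp": "2025-01-01T00:00:00Z",
    "version": 1,
    "statements": [
        {"vulnerability": {"name": "CVE-0000-0001"},
         "products": [{"@id": "pkg:deb/debian/libfoo@1.2.3"}],
         "status": "not_affected", "justification": "vulnerable_code_not_present"},
        {"vulnerability": {"name": "CVE-0000-0002"},
         "products": [{"@id": "pkg:deb/debian/libbar@4.5.6"}],
         "status": "not_affected"},
        {"vulnerability": {"name": "CVE-0000-0003"},
         "products": [{"@id": "pkg:deb/debian/libbaz@7.8.9"}],
         "status": "affected"},
    ],
})

def index_vex(vex_json):
    """Map (cve, purl) -> status, skipping not_affected claims that carry no justification."""
    index = {}
    for st in json.loads(vex_json).get("statements", []):
        status = st.get("status")
        if status == "not_affected" and not (st.get("justification") or st.get("impact_statement")):
            continue  # unjustified claim: leave the finding visible rather than hide it
        for product in st.get("products", []):
            index[(st["vulnerability"]["name"], product["@id"])] = status
    return index

def apply_vex(findings, index):
    """Return only the findings the VEX data does not mark as not_affected or fixed."""
    return [f for f in findings if index.get((f["cve"], f["purl"])) not in ("not_affected", "fixed")]

if __name__ == "__main__":
    for f in apply_vex(SCAN_FINDINGS, index_vex(VEX_DOCUMENT)):
        print(f["cve"], f["purl"], f["severity"])
```

Only the justified not_affected statement suppresses a finding; the unjustified one and the affected one leave their CVEs in the list for triage.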
Additionally, Docker says that by removing nonessential content, the attack surface is reduced by up to 95%.
Docker partnered with independent cybersecurity auditors at SRLabs, who validated that the hardened images are properly signed, run rootless and ship with SBOM and VEX data by default, and show no root escapes or other high-severity container breakout issues.
Hardened images are also backed by a seven-day patch service level agreement (SLA), meaning that when a new CVE affects a component used in an image, Docker must release a patched version within a week.
The Hardened Image Catalog provides a wide range of images, including artificial intelligence/machine learning, languages and runtimes (Python), databases (PostgreSQL), frameworks (Nginx), and infrastructure tools (Kafka).
The catalog also features FedRAMP-ready variants that meet strict US federal security standards.
All images in the Hardened Image Catalog are compatible with Alpine- and Debian-based Linux systems, can be adopted by changing a single Dockerfile line, and can be freely customized without losing the hardened baseline.
Docker Hub remains the default starting point for most container builds, but opening the hardened image catalog to all users could mark the start of a meaningful security improvement across the ecosystem.


