Hardened images from Docker improve security and reduce the burden on developers

With Docker Hardened Images (DHI), Docker offers secure, lean and compliance-ready images. Partners include Microsoft, Neo4j and GitLab, among others.



By Manuel Masiero

With Docker Hardened Images (DHI), Docker Inc. provides a selection of security-optimized and enterprise-grade container images. The packages are designed to meet the highest security requirements for the software supply chain. The DHIs have a minimalist structure at their core and, according to Docker, are continuously developed to meet the compliance standards of companies.

The Docker Hardened Images (DHI) are available for download on Docker Hub and are specially labeled.


Recently, there have been repeated attacks on Docker Hub and other public repositories. Among other things, 2.8 million Docker Hub repositories were found to contain malware or phishing content.

According to Docker, every DHI meets SLSA level 3, supports compliance artifacts such as SBOM and VEX, and runs as non-root with least privileges to minimize security risks. Thanks to their minimalist design, the images should also start faster and present up to 95 percent less attack surface for tampering than non-hardened images.


The hardened images are available directly via Docker Hub, support Linux distributions such as Alpine and Debian, and are designed to let developers work securely and efficiently while keeping their familiar processes. At the same time, they let platform teams focus on their core tasks without being held up by vulnerability remediation.

Docker has brought several partners on board for the Docker Hardened Images. Cloudsmith, GitLab, Grype, JFrog, Microsoft, Neo4j, NGINX, Sonatype, Sysdig and Wiz are involved right from the start. The complete DHI catalog can be accessed here. More information about DHI can be found on the Docker blog.

(mma)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.