
"Docker has made its catalogue of more than 1,000 hardened container images freely available under an open source licence. Docker Hardened Images were previously a commercial offering launched in May 2025, but are now accessible to all developers under an Apache 2.0 licence with no restrictions on use or distribution. The move comes as supply chain attacks continue to escalate across the software industry. Such attacks are projected to cost businesses $60 billion globally in 2025, according to Cybersecurity Ventures, triple the impact from 2021."
"Mark Cavage, president and chief operating officer at Docker, said security must start at the earliest point in development and needs to be universally available to every developer. "By making hardened images freely available and providing tooling that works with today's AI coding agents, we're giving the entire industry and community the best possible baseline to build on," Cavage said."
"The hardened images are built on widely adopted open source distributions, specifically Debian and Alpine Linux. They have been designed to reduce attack surfaces by eliminating unnecessary components such as package managers and shells. The images run as non-root users by default and include complete software bills of materials, transparent vulnerability data, and cryptographic proof of authenticity with SLSA Build Level 3 provenance."
Docker converted its commercial Hardened Images offering into an open source catalogue of more than 1,000 container images under an Apache 2.0 licence, removing restrictions on use or distribution. The images are built on Debian and Alpine Linux and are stripped of components a running service does not need, such as package managers and shells; this reduces the attack surface and leaves an attacker who lands inside the container with fewer tools to work with. Images run as a non-root user by default and ship with complete software bills of materials, transparent vulnerability data, and SLSA Build Level 3 provenance as cryptographic proof of where and how they were built. Docker claims up to 95% attack surface reduction, and released Hardened Helm Charts and Hardened MCP Servers for AI workloads alongside the images.
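Provenance is only useful if something consumes it before the image runs. The check below is an added example, not code from the InfoQ article or from Docker's tooling: it takes an SLSA v1 provenance statement (the in-toto payload you get after the DSSE envelope's signature has been verified, for instance with cosign) and admits the image only if the statement's subject digest matches the image digest and the builder id is one you trust. The builder id, image name, source URL and digests are hypothetical placeholders, and the sample statement is constructed for this example.

```python
"""Gate an image on its SLSA v1 provenance: the subject digest must be the
image you are about to run, and the builder id must be one you trust.

Added example, not code from the InfoQ article or from Docker. The builder
id, image name, source URL and digests below are hypothetical placeholders."""
import json

STATEMENT_TYPE = "https://in-toto.io/Statement/v1"
PREDICATE_TYPE = "https://slsa.dev/provenance/v1"
# Hypothetical: in a real deployment this is the id of the builder you have
# established operates at SLSA Build L3 (isolated, tamper-evident builds).
TRUSTED_BUILDER_ID = "https://builder.example.com/hardened-images/v1"

IMAGE_DIGEST = "sha256:" + "a" * 64  # constructed, stands in for a real digest

# Constructed sample statement. It is the DSSE payload you only look at AFTER
# the envelope signature has been verified (e.g. cosign verify-attestation);
# nothing in this file checks signatures.
SAMPLE_STATEMENT = json.dumps({
    "_type": STATEMENT_TYPE,
    "subject": [{"name": "registry.example.com/hardened/python",
                 "digest": {"sha256": IMAGE_DIGEST.split(":")[1]}}],
    "predicateType": PREDICATE_TYPE,
    "predicate": {
        "buildDefinition": {
            "buildType": "https://builder.example.com/buildtypes/oci-image/v1",
            "externalParameters": {"source": "https://git.example.com/hardened/python"},
        },
        "runDetails": {
            "builder": {"id": TRUSTED_BUILDER_ID},
            "metadata": {"invocationId": "run-4711"},
        },
    },
})


class ProvenanceError(Exception):
    """Raised when the statement does not vouch for this image from a trusted builder."""


def check_provenance(statement_json: str, image_digest: str,
                     trusted_builder_id: str = TRUSTED_BUILDER_ID) -> str:
    """Return the subject name the statement vouches for, or raise ProvenanceError."""
    stmt = json.loads(statement_json)
    if stmt.get("_type") != STATEMENT_TYPE:
        raise ProvenanceError(f"unexpected statement type: {stmt.get('_type')!r}")
    if stmt.get("predicateType") != PREDICATE_TYPE:
        raise ProvenanceError(f"unexpected predicate type: {stmt.get('predicateType')!r}")

    # 1. Bind the attestation to the exact bytes we will run: compare digests,
    #    never tags or names, which are mutable.
    want = image_digest.lower().removeprefix("sha256:")
    matching = [s for s in stmt.get("subject", [])
                if s.get("digest", {}).get("sha256", "").lower() == want]
    if not matching:
        raise ProvenanceError("statement does not cover digest " + image_digest)

    # 2. The SLSA level is not a field in the predicate; it is a property of the
    #    builder. Trust therefore reduces to an allow-list of builder ids.
    builder_id = (stmt.get("predicate", {}).get("runDetails", {})
                  .get("builder", {}).get("id"))
    if builder_id != trusted_builder_id:
        raise ProvenanceError(f"untrusted builder: {builder_id!r}")

    return matching[0].get("name", "<unnamed>")


def is_admissible(statement_json: str, image_digest: str,
                  trusted_builder_id: str = TRUSTED_BUILDER_ID) -> bool:
    """Boolean wrapper for admission-controller style policies."""
    try:
        check_provenance(statement_json, image_digest, trusted_builder_id)
        return True
    except ProvenanceError:
        return False


if __name__ == "__main__":
    print("trusted:", check_provenance(SAMPLE_STATEMENT, IMAGE_DIGEST))
    print("tampered digest admissible?",
          is_admissible(SAMPLE_STATEMENT, "sha256:" + "b" * 64))
    print("other builder admissible?",
          is_admissible(SAMPLE_STATEMENT, IMAGE_DIGEST,
                        "https://builder.example.com/ci/v1"))
```

Two points worth keeping in mind when adapting this: the SLSA level lives in your trust decision about the builder, not in the statement, so a statement from an unknown builder proves nothing however well-formed it is; and the digest comparison is what ties the provenance to the image, so always resolve the tag to a digest first and pass the digest, not the tag, into the check.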
Read at InfoQ