Docker recently announced that Docker Hardened Images (DHI) are now open source and freely available “to everyone who builds software.”
Docker Hardened Images, which are secure, minimal, production-ready images, are “fully open and free to use, share, and build on with no licensing surprises, backed by an Apache 2.0 license,” the announcement states.
And, according to Docker:
- Every image includes a complete and verifiable SBOM.
- Every image provides SLSA Build Level 3 provenance.
- Every vulnerability is assessed using transparent public CVE data.
- Every image comes with proof of authenticity.
Learn more at Docker.