Skip to content
Fresh

Explore

Back

Manuals

Explore Docker Hardened Images

Copy as Markdown

Open MarkdownAsk Docs AIClaudeOpen in Claude

Table of contents


Docker Hardened Images (DHI) are minimal, secure, and production-ready container base and application images maintained by Docker. Designed to reduce vulnerabilities and simplify compliance, DHI integrates easily into your existing Docker-based workflows with little to no retooling required.

This section helps you understand what Docker Hardened Images are, how they're built and tested, the different types available, and how responsibility is shared between Docker and you as a user. For a complete list of DHI features and capabilities, see Features.

Learn more about Docker Hardened Images

What are hardened images and why use them?\ \ Learn what a hardened image is, how Docker Hardened Images are built, what sets them apart from typical base and application images, and why you should use them.

Build process\ \ Learn how Docker builds, tests, and maintains Docker Hardened Images through an automated, security-focused pipeline.

Image types\ \ Learn about the different image types, distributions, and variants offered in the Docker Hardened Images catalog.

Scanner integrations\ \ Discover which vulnerability scanners integrate with Docker Hardened Images and support open standards like OpenVEX.

Image testing\ \ See how Docker Hardened Images are automatically tested for standards compliance, functionality, and security.

Malware scanning\ \ Learn how Docker scans Docker Hardened Images for viruses and malware, and how to view and verify the scan attestation.

Responsibility overview\ \ Understand Docker's role and your responsibilities when using Docker Hardened Images as part of your secure software supply chain.

Give feedback\ \ Docker welcomes all contributions and feedback.