The Docker staff has introduced limitless entry to its Hardened Photos catalog to make entry to safe software program bundles inexpensive for all improvement groups at startups and SMBs.
Beginning right now, container photographs which were verified to be freed from recognized vulnerabilities (near-zero CVEs), can be found to all customers by way of a subscription and a 30-day free trial.
“We’re introducing limitless entry to the Docker Hardened Photos catalog, making near-zero CVEs a sensible actuality for each staff at an inexpensive worth,” reads the announcement.
“With a single Hardened Photos subscription, each staff can entry the complete catalog: limitless, secured, and all the time updated.”
Docker is a extensively used platform that enables builders to bundle purposes and their dependencies into “containers,” permitting constant and systematic deployment throughout completely different environments.
Container photographs are templates that embody all the required code, runtime, libraries, and system instruments for operating an software.
Diminished safety danger
Hardened Photos are highly-secure variations of standard Docker photographs that get rid of the chance of recognized vulnerabilities as they’re constructed from supply code, profit from steady upstream patches, and lack pointless parts.
Each hardened picture additionally contains help for Vulnerability Exploitability eXchange (VEX), which places the highlight solely on safety points that really rely.
Moreover, Docker says that eradicating nonessential content material, the assault floor decreases by as much as 95%.
Docker partnered with impartial cybersecurity auditors at SRLabs who validated that the Hardened Photos are appropriately signed, rootless by default, embody SBOM and VEX, and confirmed no root escapes or different high-severity breakout issues.
Hardened Photos are additionally underpinned by a seven-day patch Service Stage Settlement (SLA), which means that when a brand new CVE impacts a element used on the picture, Docker should launch a patched model inside every week.
The Hardened Photos catalog gives a broad vary of photographs, together with for synthetic intelligence/machine studying, languages and runtimes (Python), databases (PostgreSQL), frameworks (NGINX), and infrastructure instruments (Kafka).
The catalog additionally options FedRAMP-ready variants that meet stricter U.S. federal safety requirements.
All photographs from the Hardened Photos catalog are appropriate with Alpine and Debian Linux methods, might be simply built-in by altering a single Dockerfile line, and might be freely custom-made with out shedding the hardened baseline.
Docker Hub stays the default start line for many container builds, however releasing the Hardened Photos catalog to all customers may mark the beginning of a major elevation within the ecosystem’s safety.
Be a part of the Breach and Assault Simulation Summit and expertise the way forward for safety validation. Hear from high specialists and see how AI-powered BAS is reworking breach and assault simulation.
Do not miss the occasion that can form the way forward for your safety technique
