The Docker team has announced unlimited access to its Hardened Images catalog to make access to secure software bundles affordable for all development teams at startups and SMBs.
Starting today, container images that have been verified to be free of known vulnerabilities (near-zero CVEs), are available to all users through a subscription and a 30-day free trial.
“We’re introducing unlimited access to the Docker Hardened Images catalog, making near-zero CVEs a practical reality for every team at an affordable price,” reads the announcement.
“With a single Hardened Images subscription, every team can access the full catalog: unlimited, secured, and always up to date.”
Docker is a widely used platform that allows developers to package applications and their dependencies into “containers,” allowing consistent and systematic deployment across different environments.
Container images are templates that include all the necessary code, runtime, libraries, and system tools for running an application.
Reduced security risk
Hardened Images are highly-secure versions of regular Docker images that eliminate the risk of known vulnerabilities as they are built from source code, benefit from continuous upstream patches, and lack unnecessary components.
Every hardened image also includes support for Vulnerability Exploitability eXchange (VEX), which puts the spotlight only on security issues that truly count.
Furthermore, Docker says that removing nonessential content, the attack surface decreases by up to 95%.
... continue reading