Introduction to DHI

Containers have become the core of modern application delivery. But as adoption grows, so does the attack surface. From vulnerable base images to supply chain risks, security is no longer optional—it’s foundational. This is where Docker Hardened Images (DHI) come into play. Docker Hardened Images are minimal, secure, and production-ready container images maintained directly by Docker. They are designed to reduce vulnerabilities from the start while simplifying compliance and integration into existing workflows. Docker Hardened Images features Instead of relying on generic base images and fixing issues later with scanners, DHI focuses on building a secure foundation from the beginning. TL;DR Secure, minimal, production-ready container images by Docker Near-zero CVEs with continuous patching Built-in SBOM, provenance (SLSA L3), and signed metadata Drop-in replacement for existing Docker workflow Available in Community, Select, and Enterprise tiers What is DHI? Docker Hardened Images (DHI