Docker has made its catalogue of more than 1,000 hardened container images freely available under an open source licence. Docker Hardened Images were previously a commercial offering launched in May 2025, but are now accessible to all developers under an Apache 2.0 licence with no restrictions on use or distribution.
The move comes as supply chain attacks continue to escalate across the software industry. Such attacks are projected to cost businesses $60 billion globally in 2025, according to Cybersecurity Ventures, triple the impact from 2021. With Docker Hub handling more than 20 billion container pulls each month, the company’s decision to democratise access to secure base images could have far-reaching implications for the container ecosystem.
Mark Cavage, president and chief operating officer at Docker, said security must start at the earliest point in development and needs to be universally available to every developer. “By making hardened images freely available and providing tooling that works with today’s AI coding agents, we’re giving the entire industry and community the best possible baseline to build on,” Cavage said.
The hardened images are built on widely adopted open source distributions, specifically Debian and Alpine Linux. They have been designed to reduce attack surfaces by eliminating unnecessary components such as package managers and shells. The images run as non-root users by default and include complete software bills of materials, transparent vulnerability data, and cryptographic proof of authenticity with SLSA Build Level 3 provenance.
Docker claims the hardened images achieve up to 95 per cent reductions in attack surface compared to traditional base images. The company has also developed Hardened Helm Charts for Kubernetes environments and announced Hardened MCP Servers for AI applications. Christian Dupuis, senior principal engineer at Docker, described the announcement as a watershed moment for the industry. “Docker is fundamentally changing how applications are built, secure by default for every developer, every organisation, and every open-source project,” Dupuis said.
The initiative has drawn support from major technology companies and industry organisations. In the Docker release, Jonathan Bryce, executive director of the Cloud Native Computing Foundation, welcomed the move. “Docker’s move to make its hardened images freely available under Apache 2.0 underscores its strong commitment to the open source ecosystem,” Bryce said. Many CNCF projects can already be found in the DHI catalogue, and giving the broader community access to secure, well-maintained building blocks helps strengthen the software supply chain together, he added.
There are other similar moves in the industry towards making hardened and cut-down images freely available, as using minimal, security-focused container images becomes a core requirement for most organisations. Google has maintained its distroless images as an open source project for several years, offering minimal container images based on Debian that contain only application runtime dependencies without shells or package managers. The smallest distroless image is approximately 2 megabytes, representing about 50 per cent of the size of Alpine Linux and less than 2 per cent of a standard Debian image. Major projects including Kubernetes, Knative, and Tekton have adopted Google’s distroless images in production environments.
Competitors such as Chainguard offer nearly 500 minimal, hardened container images with a similar focus on reducing known vulnerabilities. The company recently launched a new Images Directory with security advisories and automated update tools. Chainguard provides free developer images at the latest version whilst offering production images with patch service level agreements and features such as Federal Information Processing Standards compliance as commercial offerings.
Echo Software, another competitor in the space, raised significant funding recently. The company uses AI agents to build and maintain vulnerability-free container images. The container security industry is valued at roughly $3 billion in 2025, and is projected to exceed $20 billion over the next decade, according to Market Research Future.
Docker’s free offering coexists with two commercial tiers. Docker Hardened Images Enterprise provides service level agreements for critical vulnerability remediation within seven days, with plans to reduce this to one day or less. The enterprise tier also offers images compliant with Federal Information Processing Standards and Department of Defence secure technical implementation guides. It allows organisations to customise images whilst maintaining Docker’s secure build infrastructure and compliance guarantees. Docker Hardened Images Extended Lifecycle Support, available as a paid add-on to the enterprise tier, provides up to five additional years of security coverage for software beyond its official end-of-life date. This will suit organisations with legacy systems that will need security updates after upstream support ends.
The company has also enhanced its tooling to support migration to hardened images. As an experimental feature, the Docker AI Assistant can now scan existing containers and recommend equivalent hardened images that match application requirements. This is expected to reach general availability once some learnings from real-world migrations have been incorporated.
Turning to Reddit, in a self-professed hot-take, a developer “sirpatchesalot” expressed his concerns about the Docker hardened images announcement, suggesting it may have been timed to coincide with the changes to Bitnami’s licensing terms. He also pointed out past Docker behaviour of putting free functionality behind a paywall. He points out that limiting the distro used to Debian and Alpine might be a problem for enterprise environments that need a commercial distribution, and he questions the accuracy of Docker’s vulnerability metrics around CVEs.
Free hardened images are nice. Transparency, long-term trust, OS flexibility, and honest vulnerability handling matter more. If you don’t read the fine print, you’re not getting “security” you’re getting vibes.
– sirpatchesalot on Reddit
The comparison to Bitnami’s recent decision to withdraw its free public catalogue of images is particularly relevant. Bitnami, now part of VMware following Broadcom’s acquisition, shifted users to paid subscriptions costing $50,000 or more annually. Bitnami defended the decision by stating that operating a build pipeline and OCI registry for the general public had become unsustainable due to high costs. Docker’s approach differs in that it has explicitly released the images under an open source licence, which provides stronger guarantees about future availability. The company has also emphasised that the move carries the same spirit that defined Docker Official Images over a decade ago, which were made free and have remained free with consistent maintenance.
Tushar Jain, executive vice president of product and engineering at Docker, said every hardened image ships with strong provenance, reproducible builds, and clear attestations. With DHI Enterprise and Extended Lifecycle Support, the company is giving organisations the control and long-term protection they need to keep critical systems secure, Jain said.
The hardened images are now available via Docker Hub. Docker has scheduled a webinar for 13 January 2026 to provide hands-on guidance on using the free hardened images.
