# Setting Docker Hardened Images free (Interview)

- Page: https://stenobird.com/podcast/the-changelog-software-development-open-source/setting-docker-hardened-images-free-interview
- Text version: https://stenobird.com/podcast/the-changelog-software-development-open-source/setting-docker-hardened-images-free-interview.md
- Podcast: [The Changelog: Software Development, Open Source](https://stenobird.com/podcast/the-changelog-software-development-open-source)
- Published: 2026-02-04T20:00:00+00:00
- Episode link: https://changelog.com/podcast/675
- Audio file: https://op3.dev/e/https://pscrb.fm/rss/p/https://cdn.changelog.com/uploads/podcast/675/the-changelog-675.mp3
- Processing state: processed
- JSON: https://stenobird.com/v1/public/podcasts/the-changelog-software-development-open-source/episodes/setting-docker-hardened-images-free-interview
- Duration seconds: 4609

## Resource

Docker has open-sourced its Docker Hardened Images (DHI) to provide developers with a secure, minimal, and production-ready foundation. Tushar Jain discusses the strategy behind making these images free and the roadmap for securing the software supply chain.

## Highlights

- Main idea: Docker has transitioned its Hardened Images catalog to an open-source model under the Apache 2.0 license
- Practical takeaway: Developers can now use over 1,000 pre-hardened, minimal images based on Alpine and Debian to reduce attack surfaces
- Strategy: Docker aims to expand the catalog by offering hardened system packages built from source and language-specific packages
- Future roadmap: The company is working toward a secure build pipeline and enhanced transparency via VEX (Vulnerability Exploitability eXchange) feeds
- Failure mode: Relying on unpatched or bloated images increases supply chain vulnerability, which Docker aims to mitigate through proactive patching of high and critical vulnerabilities

## Topics

Docker, Open Source, Software Supply Chain Security, Container Security, Hardened Images, AI Agents, DevOps, Vulnerability Management

## Chapters

- 1:00 — The Rise of Agentic Data Needs: An exploration of how AI agents are driving unprecedented demand for specialized database capabilities like vector search and zero-copy forks.
- 7:10 — Open Sourcing Hardened Images: Details on Docker's decision to make the Hardened Images catalog free for the community and open-source developers.
- 18:25 — The Roadmap for Secure Packages: Discussion on the plan to provide hardened system and language-specific packages built directly from source.
- 30:00 — Transparency and Vulnerability Management: How Docker uses VEX feeds to communicate which vulnerabilities actually impact their images to reduce noise for developers.
- 41:55 — Integrating Security Scanning: The role of Docker Scout in providing visibility into the health and security of container images.
- 1:04:35 — The Future of Software Supply Chains: A look at the next five years of software development, focusing on secure builds and the impact of AI on engineering throughput.