{"podcast":{"title":"The Changelog: Software Development, Open Source","slug":"the-changelog-software-development-open-source","podcast_index_feed_id":542376,"rss_url":"https://changelog.com/podcast/feed","website_url":"https://changelog.com/podcast","image_url":"https://cdn.changelog.com/static/images/podcasts/podcast-original-f16d0363067166f241d080ee2e2d4a28.png","author":"Changelog Media","episode_count":1008,"summary":"Software's best weekly news brief, deep technical interviews & talk show.","last_synced_at":null,"page_url":"https://stenobird.com/podcast/the-changelog-software-development-open-source"},"episode":{"title":"Setting Docker Hardened Images free (Interview)","slug":"setting-docker-hardened-images-free-interview","published_at":"2026-02-04T20:00:00+00:00","page_url":"https://stenobird.com/podcast/the-changelog-software-development-open-source/setting-docker-hardened-images-free-interview","show_page_url":"https://stenobird.com/podcast/the-changelog-software-development-open-source","url":"https://changelog.com/podcast/675","audio_url":"https://op3.dev/e/https://pscrb.fm/rss/p/https://cdn.changelog.com/uploads/podcast/675/the-changelog-675.mp3","summary":"Docker has open-sourced its Docker Hardened Images (DHI) to provide developers with a secure, minimal, and production-ready foundation. Tushar Jain discusses the strategy behind making these images free and the roadmap for securing the software supply chain.","meta_description":"Learn how Docker is securing the software supply chain by making Hardened Images open source and expanding their ecosystem for AI and enterprise use.","key_points":["Main idea: Docker has transitioned its Hardened Images catalog to an open-source model under the Apache 2.0 license","Practical takeaway: Developers can now use over 1,000 pre-hardened, minimal images based on Alpine and Debian to reduce attack surfaces","Strategy: Docker aims to expand the catalog by offering hardened system packages built from source and language-specific packages","Future roadmap: The company is working toward a secure build pipeline and enhanced transparency via VEX (Vulnerability Exploitability eXchange) feeds","Failure mode: Relying on unpatched or bloated images increases supply chain vulnerability, which Docker aims to mitigate through proactive patching of high and critical vulnerabilities"],"chapters":[{"start_ms":60000,"title":"The Rise of Agentic Data Needs","summary":"An exploration of how AI agents are driving unprecedented demand for specialized database capabilities like vector search and zero-copy forks."},{"start_ms":430000,"title":"Open Sourcing Hardened Images","summary":"Details on Docker's decision to make the Hardened Images catalog free for the community and open-source developers."},{"start_ms":1105000,"title":"The Roadmap for Secure Packages","summary":"Discussion on the plan to provide hardened system and language-specific packages built directly from source."},{"start_ms":1800000,"title":"Transparency and Vulnerability Management","summary":"How Docker uses VEX feeds to communicate which vulnerabilities actually impact their images to reduce noise for developers."},{"start_ms":2515000,"title":"Integrating Security Scanning","summary":"The role of Docker Scout in providing visibility into the health and security of container images."},{"start_ms":3875000,"title":"The Future of Software Supply Chains","summary":"A look at the next five years of software development, focusing on secure builds and the impact of AI on engineering throughput."}],"topics":["Docker","Open Source","Software Supply Chain Security","Container Security","Hardened Images","AI Agents","DevOps","Vulnerability Management"],"duration_seconds":4609,"processing_state":"processed","actions":[{"name":"request_transcript","method":"POST","url":"https://stenobird.com/v1/public/podcasts/the-changelog-software-development-open-source/episodes/setting-docker-hardened-images-free-interview/transcription-requests","description":"Idempotently request low-priority transcript generation for this episode."},{"name":"read_markdown","method":"GET","url":"https://stenobird.com/podcast/the-changelog-software-development-open-source/setting-docker-hardened-images-free-interview.md","description":"Read the agent-friendly Markdown representation of this episode resource."}]}}