Docker has made its Docker Hardened Images (DHI) collection of over 200 prepatched, security-hardened container images free to download. These images include complete SBOMs, CVE data, SLSA Build Level 3 provenance, and cryptographic proof of authenticity, and they show 96% fewer vulnerabilities than traditional base images. Docker also introduced DHI Enterprise, a paid tier offering SLA-backed CVE remediation, FIPS and STIG compliance, and customization options. An Extended Life Cycle Support add-on provides five additional years of security coverage for end-of-life software. The hardening methodology now extends to Model Context Protocol (MCP) server images for AI agent infrastructure.

5m read time. From thenewstack.io