Socket Firewall Now Available in Docker Hardened Images

Docker has announced that its Docker Hardened Images, which are now free and open-source, are designed to enhance container security by reducing attack surfaces and eliminating unnecessary risks at the base layer. These minimal, source-built container images come with features like SBOMs, provenance metadata, signatures, and OpenVEX to reduce CVE noise. As part of this launch, Docker is integrating Socket Firewall Free into these images, starting with popular language images such as Node.js, Python, and Rust, to provide runtime protection against supply chain threats during dependency installation and code building. The integration allows package managers like npm, yarn, and pip to automatically run through the Socket Firewall, offering a practical way to add security without redesigning existing pipelines. This initiative aims to push secure-by-default container foundations to millions of developers via Docker Hub, potentially impacting the software supply chain by establishing a higher security baseline.