Docker just made container security free for everyone. On December 17, 2025, they announced that their Hardened Images, previously an enterprise-only feature, are now completely free and open source for all developers. Docker Hardened Images (DHI) are secure, minimal container images built for production.

Think of them as Docker Official Images with enterprise-grade security hardening. Key features include near-zero CVEs, up to 95% smaller images, built on familiar Alpine and Debian foundations, complete transparency with SBOMs and SLSA provenance, and Apache 2.0 licensing. This matters for every startup, open source project, and solo developer by dramatically reducing attack surfaces, cutting cloud costs, and eliminating constant CVE firefighting. The catalog covers everything: language runtimes (Python, Node.js, Go), databases (PostgreSQL, MongoDB, Redis), infrastructure tools (Nginx, Traefik), observability stack (Prometheus, Grafana), and security tools (Vault, Trivy).

On October 20, an outage in the US East (us-east-1) AWS region disrupted operations for numerous companies, including Apple, Epic Games, Netflix, and Canva. Having worked as a software engineer on projects with diverse requirements, capacities, budgets, and scopes, I’d like to offer my perspective on the event and its implications.