Securing your Docker containers just got a lot easier. On December 17, Docker announced that their catalog of over 1,000 Docker Hardened Images (DHI)—previously a premium-only feature—is now free and open source. This big change means every developer can now start their Dockerfile with a minimalist, near-zero CVE, SLSA Level 3 compliant foundation. If you’re …
Editors Note: the JFrog Kubelet Credential Provider now supports Google Kubernetes Engine (GKE), Azure Kubernetes Service (AKS), and Amazon EKS including projected tokens (KEP-4412 enhancement). This blog is updated to reflect these capabilities. Amazon EKS, GKE, and AKS are fully managed, compliant Kubernetes services that simplify running, managing, and scaling containerized applications. These services automatically …
In the never-ending quest to speed up software release cycles, ensuring the security and integrity of application artifacts has never been more critical. As applications are continuously built, tested, and deployed, every element of the software pipeline—from source code to container images—needs to be trusted and verifiable. A key aspect of maintaining this trust is …
