VEX
-
Scanner Integrations May 5, 2026
Precision Container Security with Docker and Black Duck
The complexity of modern containerized applications often leaves developers drowning in a sea of “noise”—vulnerabilities that exist in the file system but pose zero actual risk to the application. The integration between Black Duck and Docker Hardened Images (DHI) provides a definitive answer to this challenge. By combining Docker’s secure-by-default foundations, using VEX (Vulnerability Exploitability…
Jessy McDermottandDan StelzerRead now
-
Apr 8, 2026
Reclaim Developer Hours through Smarter Vulnerability Prioritization with Docker and Mend.io
We recently announced the integration between Mend.io and Docker Hardened Images (DHI) provides a seamless framework for managing container security. By automatically distinguishing between base image vulnerabilities and application-layer risks, it uses VEX statements to differentiate between exploitable vulnerabilities and non-exploitable vulnerabilities, allowing your team to prioritize what really matters. TL;DR: The Developer Value Proposition…
Adam DawsonandDor HayunRead now
-
Integrations Feb 5, 2026
Reduce Vulnerability Noise with VEX: Wiz + Docker Hardened Images
Open source components power most modern applications. A new generation of hardened container images can establish a more secure foundation, but even with hardened images, vulnerability scanners often return dozens or hundreds of CVEs with little prioritization. This noise slows teams down and complicates security triage. The VEX (Vulnerability Exploitability eXchange) standard addresses the problem…
Bjorn HovdandDan StelzerRead now