Webinar Series

Strategies to cut CVEs and ship secure containers faster

Tuesdays, October 14 – November 25 at 11 AM ET

Join Docker for a 7 part webinar series: Securing the modern software supply chain.

Learn how to deliver secure, minimal, production-ready images with near-zero CVEs and up to 95% less attack surface. 

In each session you will implement practical steps such as swapping your base and application images with a one-line Dockerfile change, enforcing Cosign signatures and SLSA Build Level 3 provenance checks in CI/CD, consuming complete SBOMs and OpenVEX to cut alert noise, and using purpose-built debug images that keep production minimal. 

We anchor every topic to the gold standards of the modern software supply chain: minimal attack surface, complete and verifiable SBOMs, verifiable build provenance, standardized exploitability assessment, and cryptographic verification. Maintained by Docker and backed by an enterprise SLA, Docker Hardened Images are secure, compatible with your preferred Linux environments, and customizable to your DevSecOps stack including FedRAMP-aligned options and Kubernetes-ready workflows.

Register for series now.

Thank you for your interest. The Docker Team will be in touch.

Thank you for registering for our webinar. You will receive a confirmation email shortly.

Up next on October 28

Episode 3: Containers are the new Supply Chain Attack Vectors

In this session, we will take a look at Docker’s five pillars for supply chain security. We look at how these pillars provide a common language for platform, security, and app teams. We will outline why minimal, non-root defaults cut exposure, why complete SBOMs and SLSA Level 3 provenance form a shared source of truth, and how signatures make policy enforceable across registries.
Events webinar containers new supply chain

What’s coming next

October 28

Episode 3: Containers are the new Supply Chain Attack Vector

Martin Perez, Principal Engineer and Nate Bittinger, VP Engineering

In this session, we will take a look at Docker’s five pillars for supply chain security. We look at how these pillars provide a common language for platform, security, and app teams. We will outline why minimal, non-root defaults cut exposure, why complete SBOMs and SLSA Level 3 provenance form a shared source of truth, and how signatures make policy enforceable across registries.

November 4

Episode 4: Getting Developers to actually use Secure Containers

Cody Green, Sr Sr. Director, Solutions Engineering, Brian Pratt, Sr. Principle Product Manager and Britney Blodget, Sr. Product Manager

Developers often bypass security when controls add friction, alerts are noisy, or enforcement is inconsistent. This session shows how Docker Hardened Images create a secure by default developer experience that cuts noise with complete SBOMs and OpenVEX, reduces drift with ultra minimal images, and standardizes controls with a secure policy in CI and CD that enforces Cosign signatures and SLSA Build Level 3 provenance. 

November 18

Real Talk: CISOs and Developers on Supply Chain Risk

Mike Donovan, VP Product

Supply chain risk is real, yet adoption and measurable outcomes are hard without alignment. In this panel you will learn how peers won developer buy in without slowing delivery, aligned CISOs, developers, and researchers on shared goals, and instrumented KPIs that prove risk reduction and velocity gains. You will implement a practical adoption playbook that includes policy as code for consistent enforcement, an exception and waiver process, rollout patterns that scale across teams, and dashboards that show ROI. Expect peer proof points, real world lessons, and credibility you can use with decision makers.

November 25

Sneak Peek: Docker at AWS re:Invent

A preview of what Docker is bringing to re:Invent 2025, including new DHI capabilities, Secure Build enhancements, and AI workflow integrations. This session also offered early access to upcoming partner and ecosystem announcements