Containers are the new Supply Chain Attack Vector
Join Docker for a 7 part webinar series: Securing the modern software supply chain.
Learn how to deliver secure, minimal, production-ready images with near-zero CVEs and up to 95% less attack surface.
In each session you will implement practical steps such as swapping your base and application images with a one-line Dockerfile change, enforcing Cosign signatures and SLSA Build Level 3 provenance checks in CI/CD, consuming complete SBOMs and OpenVEX to cut alert noise, and using purpose-built debug images that keep production minimal.
We anchor every topic to the gold standards of the modern software supply chain: minimal attack surface, complete and verifiable SBOMs, verifiable build provenance, standardized exploitability assessment, and cryptographic verification. Maintained by Docker and backed by an enterprise SLA, Docker Hardened Images are secure, compatible with your preferred Linux environments, and customizable to your DevSecOps stack including FedRAMP-aligned options and Kubernetes-ready workflows.
Register for series now.
Thank you for registering. You will receive a confirmation email shortly.
What’s coming next
Episode 4: Getting Developers to actually use Secure Containers
Cody Green, Sr Sr. Director, Solutions Engineering, Brian Pratt, Sr. Principle Product Manager and Britney Blodget, Sr. Product Manager
Developers often bypass security when controls add friction, alerts are noisy, or enforcement is inconsistent. This session shows how Docker Hardened Images create a secure by default developer experience that cuts noise with complete SBOMs and OpenVEX, reduces drift with ultra minimal images, and standardizes controls with a secure policy in CI and CD that enforces Cosign signatures and SLSA Build Level 3 provenance.
Real Talk: CISOs and Developers on Supply Chain Risk
Mike Donovan, VP Product
Supply chain risk is real, yet adoption and measurable outcomes are hard without alignment. In this panel you will learn how peers won developer buy in without slowing delivery, aligned CISOs, developers, and researchers on shared goals, and instrumented KPIs that prove risk reduction and velocity gains. You will implement a practical adoption playbook that includes policy as code for consistent enforcement, an exception and waiver process, rollout patterns that scale across teams, and dashboards that show ROI. Expect peer proof points, real world lessons, and credibility you can use with decision makers.
Sneak Peek: Docker at AWS re:Invent
A preview of what Docker is bringing to re:Invent 2025, including new DHI capabilities, Secure Build enhancements, and AI workflow integrations. This session also offered early access to upcoming partner and ecosystem announcements