Docker @ Black Hat 2025: CVEs have everyone’s attention, here’s the path forward

December 8, 2025 · 390 words · 2 min

CVEs dominated the conversation at Black Hat 2025. Across sessions, booth discussions, and hallway chatter, it was clear that teams are feeling the pressure to manage vulnerabilities at scale. While scanning remains an important tool, the focus is shifting toward removing security debt before it enters the software supply chain. Hardened images, compliance-ready tooling, and strong ecosystem partnerships are emerging as the path forward.

The Docker community was out in full force. Thank you all! Our booth at Black Hat was busy all week with nonstop conversations, hands-on demos, and a steady stream of limited-edition hoodies and Docker socks spotted around Las Vegas. The Docker + Wiz evening party brought together the DevSecOps community to swap stories, compare challenges, and celebrate progress toward a more secure software supply chain. It was a great way to hear firsthand what’s top of mind for teams right now. Across sessions, booth conversations, and the Wiz + Docker party, six key security themes stood out.

A busy Docker Booth @ Black Hat 2025

In our Lunch and Learn event, Docker’s Mike Donovan, Brian Pratt, and Britney Blodget shared how Docker Hardened Images provide a zero-CVE starting point backed by SLAs, SBOMs, and signed provenance. This approach removes the need to choose between usability and security. Debian and Alpine variants meet teams where they are, while customization capabilities allow organizations to add certificates, packages, or configurations and still inherit updates from the base image. Interest in FedRAMP-ready images reinforced that secure-by-default solutions are in demand across highly regulated industries, and can accelerate an organization’s FedRAMP process.

Docker Hardened Images Customization

On the AI Stage, Per Krogslund explored how emerging AI agents raise new questions around trust and governance, but do not require reinventing security from scratch. Proven container security patterns—including isolation, gateway controls, and pre-runtime validation—apply directly to these workloads. Hardened images provide a crucial, trusted launchpad for AI systems too, ensuring a secure and compliant foundation before a single agent is deployed.

Black Hat 2025 is in the books, but the conversation about building secure foundations is just getting started. In response to the fantastic customer feedback, Docker Hardened Images’ roadmap now features more workflow integrations, many more verified images in the catalog, and a lot more. Watch this space!