Core concepts

Docker Hardened Images (DHIs) are built on a foundation of secure software supply chain practices. This section explains the core concepts behind that foundation, from signed attestations and immutable digests to standards like SLSA and VEX.

Start here if you want to understand how Docker Hardened Images support compliance, transparency, and security.

Security metadata and attestations

{{< grid items="grid_concepts_metadata" >}}

Compliance standards

{{< grid items="grid_concepts_compliance" >}}

Vulnerability and risk management

{{< grid items="grid_concepts_risk" >}}

Image structure and behavior

{{< grid items="grid_concepts_structure" >}}

Verification and traceability

{{< grid items="grid_concepts_verification" >}}