Docker Hardened Images (DHI) provide developers with secure, minimal container images that are easy to adopt without workflow disruptions. They feature near-zero vulnerabilities, verifiable software bills of materials (SBOMs), and offer extended support for long-lived workloads. This solution is open-source under the Apache 2.0 license.

sbomify is a platform for managing Software Bills of Materials (SBOMs) and related documentation, offering features like version control, vulnerability scanning, and integrations with GitHub Actions. It supports CycloneDX and SPDX formats, and provides a web interface and API for uploading and managing documents and SBOMs, with options for both public and private access. The platform can be self-hosted or accessed online, with comprehensive deployment and development instructions available.