vault

Docker Official Image

Vault is a tool for securely accessing secrets via a unified interface and tight access control.

OpenSCAP

Docker Hardened Image

The OpenSCAP program is a command line tool that allows users to load, scan, validate, edit, and export SCAP documents.

grafana/grafana

Grafana Labs

The official Grafana docker container

bitnami/postgresql

VMware

Bitnami Secure Image for postgresql

bitnami/sealed-secrets-controller

VMware

Bitnami container image for Sealed Secrets

Keycloak

Docker Hardened Image

Keycloak is a high performance Java-based identity and access management solution. It lets developers add an authentication layer to their applications with minimum effort.

cert-manager-acmesolver

Docker Hardened Image

CA injector component for cert-manager

amazon/cloudwatch-agent

Amazon Web Services

Amazon CloudWatch Agent

Cert-Manager Helm chart

Docker Hardened Image

Cert-Manager is a TLS certificate management controller for Kubernetes.

lacework/datacollector

Lacework Inc

Lacework is cloud security for AWS, Azure, GCP and other public and private cloud.

nginxinc/nginx-unprivileged

NGINX Inc.

Unprivileged NGINX Dockerfiles

dynatrace/oneagent

Dynatrace

Non-immutable installer image for Dynatrace OneAgent

cert-manager-controller

Docker Hardened Image

Controller component for cert-manager

bitnami/mariadb

VMware

Bitnami Secure Image for mariadb

Trivy

Docker Hardened Image

Trivy is a comprehensive and versatile security scanner. Trivy has scanners that look for security issues, and targets where it can find those issues.

docker/ucp-auth

Docker, Inc.

Please refer to the docker/ucp image for more information

External Secrets Operator

Docker Hardened Image

External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, Akeyless, CyberArk Secrets Manager, Pulumi ESC and many more

bitnami/rabbitmq

VMware

Bitnami Secure Image for rabbitmq

clamav

Docker Hardened Image

ClamAV is an open source (GPLv2) anti-virus toolkit, designed especially for e-mail scanning on mail gateways.

External Secrets Operator Helm chart

Docker Hardened Image

External Secrets Operator is a Kubernetes operator that integrates external secret management systems like AWS Secrets Manager, HashiCorp Vault, Google Secrets Manager, Azure Key Vault, IBM Cloud Secrets Manager, Akeyless, CyberArk Secrets Manager, Pulumi ESC and many more

netdata/netdata

Netdata

The official image for monitoring systems, containers and applications with Netdata.

Harbor Registry Control

Docker Hardened Image

A minimal HTTP service providing management APIs for Docker registry operations like garbage collection and health monitoring

cert-manager-webhook

Docker Hardened Image

A minimal Cert Manager webhook image

bitnami/nginx

VMware

Bitnami Secure Image for nginx

Vault

Docker Hardened Image

Vault is a tool for securely accessing secrets.

cert-manager-cainjector

Docker Hardened Image

CA injector component cert-manager image

Istio Install CNI

Docker Hardened Image

Istio CNI installer image and daemonset for Kubernetes environments

Harbor Job Service is the asynchronous task execution component of Harbor registry that handles background operations like replication, garbage collection, vulnerability scanning, and retention policies.

kube-rbac-proxy

Docker Hardened Image

a small HTTP proxy for a single upstream, that can perform RBAC authorization against the Kubernetes API using SubjectAccessReview.