    Docker Hardened Images Attestations and Verification Guide

    Learn what Docker Hardened Image attestations are, why they matter for supply‑chain security, and how to verify them using Docker Scout and standard tools.
    31 January 2026 by Suraj Barman

    What are Docker Hardened Image Attestations?

    Docker Hardened Images (DHI) ship with a set of signed JSON documents called attestations. Each attestation describes one security property of the image, is signed by the build service, and has three parts:

    • Subject – the container image digest the attestation applies to.
    • Predicate – the claim being made (for example, “FIPS‑140‑3 compliant”).
    • Signature – a cryptographic signature that proves the claim originates from Docker.

    Why are Attestations Important?

    Attestations provide verifiable evidence for compliance, vulnerability management, and supply‑chain integrity. They enable organizations to:

    • Demonstrate regulatory compliance such as FIPS, STIG, or CIS benchmarks.
    • Automate vulnerability exclusion with VEX statements.
    • Trace the exact source code and build parameters used to create an image.
    • Confirm that images have not been tampered with.

    How to Retrieve Attestations

    Docker Scout can fetch any attestation by specifying its predicate‑type URI. The general command pattern is:

    • docker scout attestation get --image <image> --type <predicate-type-uri> --output <file>.json

    Example for SLSA provenance (substitute the SLSA provenance predicate‑type URI for the placeholder):

    • docker scout attestation get --image myrepo/app:1.0 --type <slsa-provenance-predicate-type-uri> --output provenance.json

    How to Verify Signatures and Provenance

    Verification consists of three steps:

    • Confirm the attestation is bound to the image digest you are inspecting.
    • Validate the cryptographic signature against Docker’s public key.
    • Inspect the predicate content, such as source repository, commit hash, or FIPS certificate ID.

    Docker Scout performs these checks automatically and reports success or failure.

    Common Attestation Types

    • SLSA provenance – build source, builder identity, and parameters.
    • CycloneDX SBOM – complete list of packages and versions.
    • SPDX SBOM – software bill of materials in SPDX format.
    • FIPS compliance – evidence of FIPS‑140‑3 certified cryptographic modules.
    • STIG scan – results of Security Technical Implementation Guide checks.
    • Vulnerability scan – CVE assessment.
    • VEX report – exploitability statements for identified CVEs.

    Using Docker Scout for Automated Verification

    Docker Scout integrates attestation retrieval and validation into a single workflow.

    • docker scout cves --image <image> – scans the image, applies VEX statements, and reports only exploitable CVEs.
    • docker scout attestations verify --image <image> – checks that all required attestations are present and correctly signed.

    Integrating Attestation Checks into CI/CD

    Embedding verification in pipelines ensures that only compliant images progress to production.

    • Run docker scout attestation get and store the JSON files as build artifacts.
    • Use docker scout attestations verify as a gate step; fail the job on any verification error.
    • Publish the SBOM (CycloneDX or SPDX) to an artifact repository for downstream license and risk analysis.
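    The following Python script is an added example, not code from the article or from Docker. It models the first and third verification steps described earlier (subject‑digest binding and predicate inspection) together with the CI gate step (every required attestation present, fail on any problem) over the in‑toto Statement JSON that an attestation download produces. The image digest, builder id (builder.example.invalid) and sample statements are constructed for the example; the SLSA v1 and in‑toto URIs are the published ones, but the predicate types a given DHI actually carries should be taken from Docker Scout’s output. Cryptographic signature checking over the signed envelope (step two) is left to Docker Scout or a Sigstore‑compatible tool and is not modelled here.

```python
import json

# Constructed values for the example: the digest of the image under review and the
# predicate-type URIs the gate requires. The in-toto statement types and the SLSA v1
# predicate type are the published URIs; REQUIRED_TYPES should mirror what your
# images really carry. The builder prefix is a placeholder, not Docker's real builder id.
IMAGE_DIGEST = "sha256:" + "ab" * 32
STATEMENT_TYPES = {"https://in-toto.io/Statement/v1", "https://in-toto.io/Statement/v0.1"}
SLSA_PROVENANCE = "https://slsa.dev/provenance/v1"
CYCLONEDX_SBOM = "https://cyclonedx.org/bom"
REQUIRED_TYPES = {SLSA_PROVENANCE, CYCLONEDX_SBOM}
TRUSTED_BUILDER_PREFIX = "https://builder.example.invalid/"


def parse_statement(raw: str) -> dict:
    """Parse one attestation payload (an in-toto Statement) and reject malformed input."""
    stmt = json.loads(raw)
    if stmt.get("_type") not in STATEMENT_TYPES:
        raise ValueError(f"not an in-toto statement: {stmt.get('_type')!r}")
    for key in ("subject", "predicateType", "predicate"):
        if key not in stmt:
            raise ValueError(f"statement missing {key!r}")
    return stmt


def subject_bound_to(stmt: dict, image_digest: str) -> bool:
    """Step 1: the attestation must name the digest we are inspecting as its subject."""
    want = image_digest.split(":", 1)[1].lower()
    return any(s.get("digest", {}).get("sha256", "").lower() == want for s in stmt["subject"])


def provenance_findings(stmt: dict) -> list[str]:
    """Step 3 for SLSA v1 provenance: check builder identity and that a source commit is pinned."""
    pred = stmt["predicate"]
    findings = []
    builder = pred.get("runDetails", {}).get("builder", {}).get("id", "")
    if not builder.startswith(TRUSTED_BUILDER_PREFIX):
        findings.append(f"untrusted builder id {builder!r}")
    deps = pred.get("buildDefinition", {}).get("resolvedDependencies", [])
    pinned = [d for d in deps if d.get("uri", "").startswith("git+") and d.get("digest", {}).get("gitCommit")]
    if not pinned:
        findings.append("provenance names no pinned git source commit")
    return findings


def gate(raw_statements: list[str], image_digest: str, required: set[str]) -> tuple[bool, list[str]]:
    """CI gate: every required predicate type present, bound to the image, and content-checked."""
    problems, seen = [], set()
    for raw in raw_statements:
        try:
            stmt = parse_statement(raw)
        except ValueError as exc:
            problems.append(str(exc))
            continue
        ptype = stmt["predicateType"]
        if not subject_bound_to(stmt, image_digest):
            problems.append(f"{ptype}: subject digest does not match {image_digest}")
            continue  # an attestation for some other image does not count as present
        seen.add(ptype)
        if ptype == SLSA_PROVENANCE:
            problems.extend(f"{ptype}: {f}" for f in provenance_findings(stmt))
    for missing in sorted(required - seen):
        problems.append(f"missing required attestation {missing}")
    return (not problems, problems)


def sample_statement(ptype: str, digest: str, predicate: dict) -> str:
    """Build a constructed in-toto Statement for the examples below (not real DHI output)."""
    return json.dumps({
        "_type": "https://in-toto.io/Statement/v1",
        "subject": [{"name": "myrepo/app", "digest": {"sha256": digest.split(":", 1)[1]}}],
        "predicateType": ptype,
        "predicate": predicate,
    })


GOOD_PROVENANCE = sample_statement(SLSA_PROVENANCE, IMAGE_DIGEST, {
    "buildDefinition": {"resolvedDependencies": [
        {"uri": "git+https://example.invalid/myrepo/app", "digest": {"gitCommit": "0" * 40}}]},
    "runDetails": {"builder": {"id": TRUSTED_BUILDER_PREFIX + "v1"}},
})
GOOD_SBOM = sample_statement(CYCLONEDX_SBOM, IMAGE_DIGEST, {"bomFormat": "CycloneDX", "components": []})
# Same predicate type, but bound to a different image digest: must be rejected, not accepted as present.
OTHER_SBOM = sample_statement(CYCLONEDX_SBOM, "sha256:" + "cd" * 32, {"bomFormat": "CycloneDX"})

if __name__ == "__main__":
    for label, bundle in (("good", [GOOD_PROVENANCE, GOOD_SBOM]), ("mismatched", [GOOD_PROVENANCE, OTHER_SBOM])):
        ok, problems = gate(bundle, IMAGE_DIGEST, REQUIRED_TYPES)
        print(label, "PASS" if ok else "FAIL", problems)
```

In a pipeline, the raw statements would be the JSON files written by the retrieval step above, and a non‑empty problem list is what fails the job; the digest-mismatch case is deliberately treated as absence, since an SBOM for a different image says nothing about the one being promoted.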

    Copyright © 2026 TechStora. All Rights Reserved.