Aikido Enhances Docker Security with VEX Integration for Vulnerability Management

Severity: Low (Score: 27.9)

Sources: Aikido.Dev, luma.com

Published: 2026-06-11 · Updated: 2026-06-11

Keywords: docker, aikido, supports, hardened, images, return, hundreds

Severity indicators: rat

Summary

Aikido has integrated support for Docker Hardened Images, utilizing VEX attestations to filter out irrelevant CVEs during scans. This new feature reduces the number of flagged vulnerabilities from potentially hundreds to only those that are truly exploitable. Docker's VEX (Vulnerability Exploitability eXchange) provides data on which CVEs are not applicable to specific images, allowing for more efficient security management. Aikido's system suppresses non-exploitable vulnerabilities, ensuring security teams focus on critical issues. The integration aims to address the common problem of alert fatigue among developers, who often encounter overwhelming numbers of CVEs. A live demonstration of this integration is scheduled for June 25, 2026, to showcase its functionality and benefits. This development is expected to enhance container security and compliance efforts significantly.

Key Points:

  • Aikido now supports Docker Hardened Images with VEX integration.
  • The integration reduces irrelevant CVEs flagged during scans, improving focus on critical vulnerabilities.
  • A live demo of the Aikido x Docker integration is scheduled for June 25, 2026.

Detailed Analysis

**Impact** Organizations using containerized applications, particularly those leveraging Docker Hardened Images, benefit from significantly reduced vulnerability noise during security scans. This improvement affects development, security, and compliance teams globally by decreasing alert fatigue and enabling focus on exploitable vulnerabilities. The integration supports any entity connected to Docker Hub registries, with no geographic or sector limitations specified.

**Technical Details** The integration uses Docker’s Vulnerability Exploitability eXchange (VEX) attestations embedded in hardened images to filter out CVEs that are non-exploitable in specific container builds. Aikido automatically pulls signed SBOMs and cross-references Docker’s VEX data during scans to suppress irrelevant CVEs before alerts reach users. No malware, attack vectors, or active exploitation details are provided in the source material.

**Recommended Response** Defenders should connect their Docker Hub registries to Aikido to enable automatic VEX-based filtering of container vulnerability scans. This requires generating a read-only access token and linking it via Aikido’s container settings. Monitoring suppressed CVEs in the Ignored tab is advised to maintain visibility and compliance documentation. No additional patching or detection configurations are specified beyond adopting Docker Hardened Images and enabling the integration.
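
The filtering step described under Technical Details, as an added example that is not Aikido's or Docker's code: it assumes the VEX data uses the OpenVEX statement layout, and the image identifier, CVE IDs and `apply_vex` helper are constructed for illustration. Suppressed findings are returned with their justification so they stay reviewable, which is the purpose the Recommended Response gives for checking the Ignored tab.

```python
# Added example: apply VEX statements to scanner findings. All data is constructed.
# Assumption: VEX data follows the OpenVEX statement layout
# (vulnerability.name, products[].@id, status, justification).

IMAGE = "pkg:oci/example-app"  # placeholder product identifier for the scanned image

VEX_DOC = {  # constructed sample, not a real attestation
    "statements": [
        {"vulnerability": {"name": "CVE-0000-0001"}, "products": [{"@id": IMAGE}],
         "status": "not_affected", "justification": "vulnerable_code_not_present"},
        {"vulnerability": {"name": "CVE-0000-0002"}, "products": [{"@id": IMAGE}],
         "status": "under_investigation"},
        # Statement about a different image: it must not suppress anything for IMAGE.
        {"vulnerability": {"name": "CVE-0000-0003"},
         "products": [{"@id": "pkg:oci/other-image"}],
         "status": "not_affected", "justification": "component_not_present"},
    ]
}

# Constructed scanner output for IMAGE (placeholder CVE identifiers).
FINDINGS = ["CVE-0000-0001", "CVE-0000-0002", "CVE-0000-0003", "CVE-0000-0004"]

# Only these statuses justify hiding a finding; everything else stays visible.
SUPPRESSING = {"not_affected", "fixed"}


def apply_vex(findings, vex_doc, product_id):
    """Split findings into (actionable list, suppressed dict of CVE -> reason)."""
    verdicts = {}
    for st in vex_doc.get("statements", []):
        product_ids = {p.get("@id") for p in st.get("products", [])}
        if product_id not in product_ids:
            continue  # scoped to another product
        # Simplification: a later statement in the list overrides an earlier one.
        verdicts[st["vulnerability"]["name"]] = st
    actionable, suppressed = [], {}
    for cve in findings:
        st = verdicts.get(cve)
        if st and st["status"] in SUPPRESSING:
            suppressed[cve] = st.get("justification", st["status"])
        else:
            actionable.append(cve)  # affected, under_investigation, or no statement
    return actionable, suppressed


if __name__ == "__main__":
    todo, ignored = apply_vex(FINDINGS, VEX_DOC, IMAGE)
    print("actionable:", todo)
    for cve, reason in ignored.items():
        print("suppressed:", cve, "-", reason)
```
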

Source articles (2)

  • Aikido Supports Docker Hardened Images with VEX — Aikido.Dev · 2026-06-11
    TL;DR: Aikido now supports Docker Hardened Images. A scan that used to return hundreds of CVEs collapses to the handful that actually apply, because Docker's VEX attestations filter out everything the…
  • Join us live on June 25 to see the Aikido x Docker integration in action. — luma.com · 2026-06-11
    Container scans can return hundreds of CVEs, but not all of them actually need attention. In this session, Bjorn Hovd, Senior Solutions Engineer at Docker, and Mackenzie Jackson, Field CTO at A…

Timeline

  • 2026-06-11 — Aikido announces Docker Hardened Images support: Aikido integrates VEX attestations to filter out non-exploitable CVEs, enhancing container security.
  • 2026-06-11 — Live demo scheduled for Aikido x Docker integration: Aikido and Docker will present a live demonstration of the new integration on June 25, 2026.

Related entities

  • Docker (Tool)
  • Docker Hub (Platform)