diff --git a/Dockerfile b/Dockerfile
index 80cac2d8070c4d20a979706b61ddd0a7327c1f1e..9408762203335175084f273419048f0e9c910119 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,8 +14,9 @@ RUN yum update --setopt=tsflags=nodocs -y && \
 RUN mkdir /usr/share/kibana
 WORKDIR /usr/share/kibana
-COPY --chown=1000:0 kibana-7.10.0-linux-x86_64.tar.gz .
-RUN tar --strip-components=1 -zxf kibana-7.10.0-linux-x86_64.tar.gz
+COPY --chown=1000:0 kibana-7.10.2-linux-x86_64.tar.gz .
+RUN tar --strip-components=1 -zxf kibana-7.10.2-linux-x86_64.tar.gz
+
 # Ensure that group permissions are the same as user permissions.
 # This will help when relying on GID-0 to run Kibana, rather than UID-1000.
 # OpenShift does this, for example.
@@ -31,15 +32,19 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
 EXPOSE 5601
 RUN yum update --setopt=tsflags=nodocs -y && \
- yum install -y fontconfig freetype shadow-utils libnss3.so && \
+ yum install -y fontconfig freetype shadow-utils nss && \
 yum clean all
 COPY LICENSE /licenses/elastic-kibana
 # Add a dumb init process
-WORKDIR /usr/local/bin
-COPY dumb-init /usr/local/bin/dumb-init
-RUN chmod +x /usr/local/bin/dumb-init
+COPY tini /bin/tini
+RUN chmod +x /bin/tini
+
+ # Noto Fonts
+RUN mkdir /usr/share/fonts/local
+COPY NotoSansCJK-Regular.ttc /usr/share/fonts/local/NotoSansCJK-Regular.ttc
+RUN fc-cache -v
 # Bring in Kibana from the initial stage.
 COPY --from=prep_files --chown=1000:0 /usr/share/kibana /usr/share/kibana
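Review bot: The comment `# Add a dumb init process`, kept as context above the new `COPY tini /bin/tini`, still names the binary this hunk removes; `# Add tini as the init process (PID 1) to forward signals and reap zombies` would describe the new lines. The `RUN chmod +x /bin/tini` that follows can be folded into the copy as `COPY --chmod=0755 tini /bin/tini` where the build runs under BuildKit, and `RUN mkdir /usr/share/fonts/local` is redundant because `COPY` creates missing parent directories, so two layers could go. The replacement package `nss` is installed, like its neighbours, without a version pin, so the RPM set in this layer drifts between rebuilds even though the base tag is fixed; `yum install -y nss-<version>` (placeholder version) keeps the layer reproducible. The stage begins at the `FROM` line that heads this hunk and continues past it.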
@@ -56,19 +61,16 @@ COPY --chown=1000:0 config/kibana.yml /usr/share/kibana/config/kibana.yml
 # variables and translate them to Kibana CLI options.
 COPY --chown=1000:0 scripts/kibana-docker /usr/local/bin/
-# Ensure gid 0 write permissions for OpenShift.
-RUN chmod g+ws /usr/share/kibana && find /usr/share/kibana -gid 0 -and -not -perm /g+w -exec chmod g+w {} \;
-
 # Remove the suid bit everywhere to mitigate "Stack Clash"
 RUN find / -xdev -perm -4000 -exec chmod u-s {} +
 # Provide a non-root user to run the process.
-RUN groupadd --gid 1000 kibana && useradd --uid 1000 --gid 1000 --home-dir /usr/share/kibana --no-create-home kibana
-USER kibana
-
-LABEL org.label-schema.schema-version="1.0" org.label-schema.vendor="Elastic" org.label-schema.name="kibana" org.label-schema.version="7.10.0" org.label-schema.url="https://www.elastic.co/products/kibana" org.label-schema.vcs-url="https://github.com/elastic/kibana" org.label-schema.license="Elastic License" license="Elastic License"
+RUN groupadd --gid 1000 kibana && \
+ useradd --uid 1000 --gid 1000 -G 0 \
+ --home-dir /usr/share/kibana --no-create-home \
+ kibana
-ENTRYPOINT ["/usr/local/bin/dumb-init", "--"]
+ENTRYPOINT ["/bin/tini", "--"]
 CMD ["/usr/local/bin/kibana-docker"]
diff --git a/Jenkinsfile b/Jenkinsfile
deleted file mode 100644
index f60d67a16f97c28d8a3e13b718cf7462a86748c8..0000000000000000000000000000000000000000
--- a/Jenkinsfile
+++ /dev/null
@@ -1,2 +0,0 @@
-@Library('DCCSCR@master') _
-dccscrPipeline(version: '7.10.0')
diff --git a/download.json b/download.json
deleted file mode 100644
index 4dc3748b8b3dcb84d33e5b00a283c15e6784ad13..0000000000000000000000000000000000000000
--- a/download.json
+++ /dev/null
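Review bot: `USER kibana` is deleted together with the old useradd line and nothing in the new lines restores it, so the final stage still ends as root and the container runs as root unless the runtime assigns a UID; add `USER 1000` (numeric, so `runAsNonRoot`-style checks can verify it) after the new `RUN groupadd … useradd …` and before `ENTRYPOINT`. The added `-G 0` gives the kibana user membership in GID 0, which is what arbitrary-UID runs rely on, but the removed `chmod g+ws /usr/share/kibana … find … chmod g+w` was what made the tree group-writable; whether the prep stage's group-permission step (referenced by the comment in the first hunk, outside this one) already covers the config and data paths should be confirmed before dropping it. The removed `LABEL` line appears to be superseded by the labels in the new `hardening_manifest.yaml`, which is fine only as long as the build pipeline injects them. The stage this hunk belongs to starts before the hunk.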
@@ -1,20 +0,0 @@
-{
- "resources": [
- {
- "url": "https://artifacts.elastic.co/downloads/kibana/kibana-7.10.0-linux-x86_64.tar.gz",
- "filename": "kibana-7.10.0-linux-x86_64.tar.gz",
- "validation": {
- "type": "sha512",
- "value": "385fe5d875ba074e0931a1e9ebbac8e3d91d300ca478f589da06b01c68e4694c5953a538afd6c385bdccec0f0d3cda1a5dc39f1b56e41d584cdcab8fba466677"
- }
- },
- {
- "url": "https://github.com/Yelp/dumb-init/releases/download/v1.2.2/dumb-init_1.2.2_amd64",
- "filename": "dumb-init",
- "validation": {
- "type": "sha256",
- "value": "37f2c1f0372a45554f1b89924fbb134fc24c3756efaedf11e07f599494e0eff9"
- }
- }
- ]
-}
diff --git a/hardening_manifest.yaml b/hardening_manifest.yaml
new file mode 100644
index 0000000000000000000000000000000000000000..52c0f1056a13bb37e42f624b4becbfaddb0123f9
--- /dev/null
+++ b/hardening_manifest.yaml
@@ -0,0 +1,58 @@
+---
+apiVersion: v1
+
+# The repository name in registry1, excluding /ironbank/
+name: "elastic/kibana/kibana"
+
+# List of tags to push for the repository in registry1
+# The most specific version should be the first tag and will be shown
+# on ironbank.dsop.io
+tags:
+- "7.10.2"
+- "latest"
+
+# Build args passed to Dockerfile ARGs
+args:
+ BASE_IMAGE: "redhat/ubi/ubi8"
+ BASE_TAG: "8.3"
+
+# Docker image labels
+labels:
+ org.opencontainers.image.title: "kibana"
+ org.opencontainers.image.description: "Your window into the Elastic Stack."
+ org.opencontainers.image.licenses: "Elastic License"
+ org.opencontainers.image.url: "https://www.elastic.co/products/kibana"
+ org.opencontainers.image.vendor: "Elastic"
+ org.opencontainers.image.version: "7.10.2"
+ # mil.dso.ironbank.image.keywords: ""
+ # mil.dso.ironbank.image.type: "commercial"
+ mil.dso.ironbank.product.name: "Kibana"
+
+# List of resources to make available to the offline build context
+resources:
+- filename: kibana-7.10.2-linux-x86_64.tar.gz
+ url: https://artifacts.elastic.co/downloads/kibana/kibana-7.10.2-linux-x86_64.tar.gz
+ validation:
+ type: sha512
+ value: aa68f850cc09cf5dcb7c0b48bb8df788ca58eaad38d96141b8e59917fd38b42c728c0968f7cb2c8132c5aaeb595525cdde0859554346c496f53c569e03abe412
+- filename: tini
+ url: https://github.com/krallin/tini/releases/download/v0.19.0/tini-amd64
+ validation:
+ type: sha512
+ value: 8053cc21a3a9bdd6042a495349d1856ae8d3b3e7664c9654198de0087af031f5d41139ec85a2f5d7d2febd22ec3f280767ff23b9d5f63d490584e2b7ad3c218c
+- filename: NotoSansCJK-Regular.ttc
+ url: https://github.com/googlefonts/noto-cjk/raw/NotoSansV2.001/NotoSansCJK-Regular.ttc
+ validation:
+ type: sha512
+ value: 0ce56bde1853fed3e53282505bac65707385275a27816c29712ab04c187aa249797c82c58759b2b36c210d4e2683eda92359d739a8045cb8385c2c34d37cc9e1
+
+# List of project maintainers
+maintainers:
+- email: "tyler.smalley@elastic.co"
+ name: "Tyler Smalley"
+ username: "tylersmalley"
+ cht_member: false
+- email: "klepal_alexander@bah.com"
+ name: "Alexander Klepal"
+ username: "alexander.klepal"
+ cht_member: true
diff --git a/scripts/kibana-docker b/scripts/kibana-docker
index f8d5bd75260a689bb1723adbe0e9f1bd997f532e..49feba178f3e8c38ff93335ed06d030e8e94d459 100755
--- a/scripts/kibana-docker
+++ b/scripts/kibana-docker
@@ -162,6 +162,9 @@ kibana_vars=(
 xpack.code.security.gitProtocolWhitelist
 xpack.encryptedSavedObjects.encryptionKey
 xpack.encryptedSavedObjects.keyRotation.decryptionOnlyKeys
+ xpack.fleet.agents.elasticsearch.host
+ xpack.fleet.agents.kibana.host
+ xpack.fleet.agents.tlsCheckDisabled
 xpack.graph.enabled
 xpack.graph.canEditDrillDownUrls
 xpack.graph.savePolicy
@@ -234,6 +237,7 @@ kibana_vars=(
 xpack.security.authc.oidc.realm
 xpack.security.authc.saml.realm
 xpack.security.authc.saml.maxRedirectURLSize
+ xpack.security.authc.selector.enabled
 xpack.security.cookieName
 xpack.security.enabled
 xpack.security.encryptionKey
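Review bot: The `tags` list publishes a floating `latest` next to `7.10.2`, so any consumer pulling `latest` silently moves to whichever build ran last; if the registry convention does not require it, dropping `- "latest"` keeps pulls reproducible. The base image is pinned only by tag (`BASE_TAG: "8.3"`), which is a moving target across rebuilds of that tag; if the manifest format allows a digest, pinning it there would make the build fully reproducible. The two commented-out `mil.dso.ironbank.image.*` keys carry no value; either fill them in or remove the lines rather than leave dead keys. The resource entries for the Kibana tarball, tini and the Noto font are each pinned by URL and sha512, which is what lets the Dockerfile's plain `COPY` of those files be trusted.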
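Review bot: `xpack.fleet.agents.tlsCheckDisabled`, newly added to the `kibana_vars` allowlist in the first hunk, can now be set from the container environment, and a setting whose name says it disables TLS checking deserves a marker in this list so operators auditing env overrides notice it; a trailing comment such as `xpack.fleet.agents.tlsCheckDisabled  # relaxes TLS verification for Fleet agents; not for production` would do, assuming the array is plain bash where `#` after whitespace starts a comment. The two `xpack.fleet.agents.*.host` entries and the `xpack.security.authc.selector.enabled` entry in the second hunk are ordinary passthroughs and keep the list's alphabetical order. The `kibana_vars=(` array opens and closes outside both hunks.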