Articles from Source: Docker-Blog

Docker joins the Athena coalition: a cross-industry collaboration for supply chain security

2026-06-15 16:24
🚀 Docker has joined the Athena coalition to enhance supply chain security amidst growing AI-driven attacks. CISO Mark Lechner highlights that AI can now discover vulnerabilities at unprecedented speeds. This shift emphasizes the need for secure and transparent products. Docker's initiatives include sandboxed execution, trusted open-source images, and governed access to tools. Collaborating with partners is crucial for a comprehensive defense against threats. #SupplyChainSecurity #Docker #AI...
Source: Docker Blog
Aditya Tripathi

Docker Hardened Images enhanced vulnerability scanning with Docker and Aikido

2026-06-11 12:00
🚀 Exciting news for developers! Aikido has enhanced its scanning capabilities for Docker Hardened Images (DHI) with built-in VEX support. This update allows vulnerabilities verified as non-exploitable by Docker to be filtered out automatically, helping teams focus on critical findings. To get started, you’ll need an Aikido account, access to DHIs, and a Docker Hub Personal Access Token. Learn how to connect and scan your images efficiently! #Docker #Aikido #CyberSecurity #DevOps...
Source: Docker Blog
Dan Berezin Stelzer

5 Software Supply Chain Security Best Practices for Development Teams

2026-06-08 19:54
Understanding software supply chain security is essential for development teams. With open-source malware on the rise, organizations must implement effective practices now. 🚀 This article outlines five best practices, including starting with trusted content, verifying build provenance, and integrating vulnerability analysis into workflows. 📦🔍 By treating supply chain security as an engineering discipline, teams can better protect their software against sophisticated attacks. #SoftwareSecurity...
Source: Docker Blog
Aditya Tripathi

What is AI Governance? Frameworks, Principles, and Best Practices

2026-06-05 18:39
AI governance is essential as the use of AI agents grows. 🚀 According to a recent report, 60% of organizations have AI agents in production, but 40% face security and compliance challenges. This highlights the need for effective governance to bridge the gap between adoption and oversight. 📊 AI governance includes frameworks, policies, and controls that ensure responsible AI deployment. It covers ethics, compliance, risk management, and technical safeguards throughout the AI lifecycle....
Source: Docker Blog
Srini Sekaran

Hardened Images Explained: Fewer CVEs, Smaller Attack Surface

2026-06-04 17:02
Security teams often find numerous vulnerabilities when scanning container environments, primarily from unnecessary packages in base images rather than application code. These extraneous components can significantly increase risk. Hardened images address this issue by including only essential runtime components, reducing the attack surface by up to 95%. They also provide verifiable metadata to ensure security and integrity. By minimizing unnecessary packages, hardened images help streamline...
Source: Docker Blog
Aditya Tripathi

What is Software Supply Chain Security?

2026-06-03 18:24
Software supply chain security is crucial in today's software development landscape. According to Sonatype's 2026 report, over 454,000 malicious packages were published in 2025, bringing the total to over 1.2 million since 2019. This highlights the growing risks as organizations increasingly rely on open source and complex delivery pipelines. Effective supply chain security safeguards every stage from code to deployment. It requires trusted content and a proactive approach to manage...
Source: Docker Blog
Aditya Tripathi

How to Secure AI Agents: A Practical Overview for Development Teams

2026-06-02 16:11
🌐 AI agents are rapidly advancing, but security practices are not keeping pace. 🔒 A recent report reveals that 45% of organizations struggle to secure their AI tools. Traditional security models don't apply as agents operate autonomously, using multiple tools without human approval. 💡 Key security domains for AI agents include execution isolation, tool access control, identity management, and runtime monitoring. Effective security relies on infrastructure-level controls, not just permission...
Source: Docker Blog
Jackie Frederick

What is Sandbox Security?

2026-06-01 15:51
🔒 **Understanding Sandbox Security** 🔒 Sandbox security is crucial for maintaining isolation in environments where AI agents operate. It enforces policies and controls to prevent threats from escaping containment. According to a recent report, 40% of respondents see security as a major challenge in scaling agentic AI. As AI agents execute code, robust security measures are essential. Key components include process isolation, network segmentation, resource limits, and runtime monitoring. These...
Source: Docker Blog
Srini Sekaran

Coding Agent Horror Stories: The rm -rf ~/ Incident

2026-06-01 13:00
🚨 In Part 2 of our AI Coding Agent Horror Stories series, we delve into a real incident that highlights the vulnerabilities of AI coding agents. A developer’s request to clean up an old repository led to the deletion of their entire home directory due to a single command error. This illustrates the risks of AI agents executing commands without safeguards. Learn about the implications of such failures and how Docker Sandboxes can provide crucial isolation. #AICoding #Cybersecurity #Docker...
Source: Docker Blog
Jennifer Kohl

Mitigating CVE-2026-31431 (“Copy Fail”) in Docker Engine

2026-05-27 13:00
🚨 A new Linux kernel vulnerability, CVE-2026-31431 (“Copy Fail”), has been disclosed. While it does not compromise Docker infrastructure, Docker Engine versions prior to v29.4.3 allowed certain risks. Docker containers could create AF_ALG sockets, which the exploit uses. If you're using Docker Engine v29.4.3 or have a patched host kernel, you’re safe. 🛡️ For those on unpatched systems, a kernel fix is available for Debian and RHEL 9, but not yet for Ubuntu. Upgrading Docker Engine can help...
Source: Docker Blog
Paweł Gronowski

The Untrusted Autonomous Workload: How AI Coding Agents Reshape What Isolation Has to Do

2026-05-26 13:00
🚀 This year, a blog migration was completed using Claude Code, successfully moving 146 posts and 6,024 images to Astro. Improved performance metrics were achieved, but the author faced a significant issue—losing understanding of their own codebase. 🔍 Relying on AI coding agents can create a lack of visibility into code changes, raising security concerns. Autonomous agents can modify files and install packages without oversight, which may lead to vulnerabilities. 🔒 Docker Sandboxes aim to...
Source: Docker Blog
Jennifer Kohl

Meet Gordon: Docker’s AI Agent For Your Entire Container Workflow

2026-05-19 19:08
Meet Gordon, Docker's new AI agent designed to enhance your container workflow! 🚀 Gordon understands your environment and can propose fixes, minimizing downtime when issues arise. It’s built into Docker Desktop and CLI, allowing you to go from problem to solution quickly, with your approval needed for each action. Starting free with any Docker account, Gordon offers scalability for developers needing robust support in their workflows. #Docker #AI #DevOps #Containerization #TechInnovation
Source: Docker Blog
Deanna Sparks

Coding Agent Horror Stories: The Security Crisis Threatening Developer Infrastructure

2026-05-18 13:00
🚨 **Coding Agent Horror Stories** Issue 1 explores critical security risks in the AI coding agent ecosystem. AI coding agents are now used in about 60% of development tasks, enhancing productivity. However, they also pose significant risks, capable of damaging systems in seconds. This series highlights documented failures and discusses how Docker Sandboxes can help mitigate these threats. Learn more about the balance between innovation and security! 🔒💻 #AICoding #Security #DevOps #TechTrends...
Source: Docker Blog
Jennifer Kohl

Custom MCP Catalogs and Profiles: Advancing Enterprise MCP Adoption

2026-05-15 13:00
🚀 Exciting news in AI tooling! Custom MCP Catalogs and Profiles are now available for managing Model Context Protocol (MCP) servers. These tools enable organizations to curate approved collections of MCP servers, enhancing security and efficiency. MCP Profiles allow developers to build, run, and share tools easily across teams. Learn how to create your own custom catalog and leverage these advancements today! #AITechnology #MCPServers #CustomCatalogs #DevTools #Innovation
Source: Docker Blog
Jin Kim

NIST Narrows the NVD: What Container Security Programs Should Reassess

2026-05-13 10:38
📢 On April 15, NIST announced a new model for the National Vulnerability Database (NVD). While most CVEs will still be published, fewer will receive CVSS scores, CPE mappings, and CWE classifications. This shift reflects a trend observed over the past two years. Three categories will continue to receive full enrichment: CVEs in CISA’s Known Exploited Vulnerabilities catalog, those affecting federal software, and critical software as defined by Executive Order 14028. The rest will now be...
Source: Docker Blog
Dan Berezin Stelzer

Docker AI Governance: Unlock Agent Autonomy, Safely

2026-05-12 18:00
Introducing Docker AI Governance! 🚀 This new framework enables centralized control over how AI agents operate, including their network access and credentials. This ensures that developers can utilize AI safely, regardless of their work environment. Agents are transforming productivity across all functions, not just engineering. From sending emails to managing reports, their adoption is accelerating. However, they operate outside traditional security measures, making governance essential....
Source: Docker Blog
PeiFang Sung

Comparing Different Approaches to Sandboxing

2026-05-07 13:00
Exploring the future of AI interaction, Satya Nadella highlights that AI agents will soon be our primary interface with technology. To ensure safety, sandboxing is essential. It creates isolated environments for AI, minimizing risks like data loss from malicious actions. Different sandboxing methods, like chroot and systemd-nspawn, provide varying levels of isolation. Systemd-nspawn enhances security by isolating both processes and networks. #AIAgents #Sandboxing #TechInnovation...
Source: Docker Blog
Jennifer Kohl

Trivy, KICS, and the shape of supply chain attacks so far in 2026

2026-04-23 15:32
🚨 Recent supply chain attacks on Docker Hub have highlighted vulnerabilities in software publishing. In April 2026, malicious images were pushed to the Checkmarx KICS repository using stolen publisher credentials. This incident did not involve breaches of Docker's infrastructure. Affected users are advised to rotate credentials, pull images by digest, and check logs for potential exfiltration. For more details, ensure you're informed and prepared. 🛡️🔍 #SupplyChainSecurity #CyberSecurity...
Source: Docker Blog
Aditya Tripathi

Why MicroVMs: The Architecture Behind Docker Sandboxes

2026-04-16 17:14
🚀 Last week, Docker introduced Sandboxes, aiming for top-tier agent isolation. 🔍 The article delves into how microVMs facilitate this approach. It compares traditional sandboxing methods, highlighting their limitations, such as slow performance and security risks. 🛡️ Docker Sandboxes utilize dedicated microVMs with isolated Docker daemons, ensuring strong security without compromising developer capabilities. #Docker #MicroVMs #Cybersecurity #DevOps #AI
Source: Docker Blog
Srini Sekaran

Why We Chose the Harder Path: Docker Hardened Images, One Year Later

2026-04-14 21:48
🚀 One year after launching Docker Hardened Images (DHI), we've achieved significant milestones! With over 500k daily pulls and 2,000+ hardened images, our community-driven approach emphasizes security and accessibility. We focus on multi-distro support while ensuring continuous patching and verifiable artifacts. Our goal? To raise the security baseline for developers everywhere without paywalls. #Docker #Cybersecurity #OpenSource #DevSecOps #HardenedImages
Source: Docker Blog
Aditya Tripathi

How to Analyze Hugging Face for Arm64 Readiness

2026-04-13 15:59
🚀 A recent collaboration between Docker and Arm highlights how the Docker MCP Toolkit and Arm MCP Server can assess Hugging Face Spaces for Arm64 readiness. 🔍 The analysis revealed that a common issue arises from hardcoded dependency URLs, affecting around 80% of Hugging Face Docker Spaces. This impacts the installation of models like ACE-Step v1.5 on Arm64 systems. 🛠️ A new 7-tool MCP chain has been developed to diagnose these issues quickly, providing insights into why certain models fail...
Source: Docker Blog
Jennifer Kohl

Reclaim Developer Hours through Smarter Vulnerability Prioritization with Docker and Mend.io

2026-04-08 18:23
🚀 Exciting news in container security! Mend.io has integrated with Docker Hardened Images (DHI) to streamline vulnerability management. This integration automatically distinguishes between base image vulnerabilities and application risks, helping teams focus on what matters most. Key features include automatic detection of DHI base images, visual indicators in the Mend UI, and dynamic risk triage using VEX data. With tools for automated governance, teams can manage SLAs, receive alerts, and...
Source: Docker Blog
Dan Berezin Stelzer

Defending Your Software Supply Chain: What Every Engineering Team Should Do Now

2026-04-02 18:14
The software supply chain is facing a significant threat from coordinated attacks. This week, axios, a widely used HTTP client library, was compromised through a hijacked maintainer account, leading to the deployment of backdoored versions. This incident follows a series of campaigns that have exploited trusted tools and packages, highlighting a pattern of attackers stealing credentials and poisoning trusted software. Organizations are advised to shift from implicit trust to explicit...
Source: Docker Blog
Dan Berezin Stelzer

Gemma 4 is Here: Now Available on Docker Hub

2026-04-02 16:16
🚀 Exciting news! Gemma 4 is now available on Docker Hub, enhancing the landscape of AI models. This latest lightweight model features three architectures designed for efficiency and performance, making deployment straightforward with OCI artifacts. You can easily pull, share, and integrate models into your existing workflows. Gemma 4 supports multimodal tasks and advanced reasoning capabilities. Get started today with just one command: `docker model pull gemma4` #Gemma4 #DockerHub #AIModels...
Source: Docker Blog
Jennifer Angeles

Docker Offload now Generally Available: The Full Power of Docker, for Every Developer, Everywhere.

2026-04-02 13:00
🚀 Exciting news for developers! Docker Offload is now generally available, enabling seamless use of Docker Desktop in environments that previously lacked support. By moving the container engine to Docker’s secure cloud, developers can run Docker from any setup—no changes to workflows needed. This means familiar commands and workflows are preserved. 🔧 Security remains a top priority, with encrypted connections and SOC 2 Certified infrastructure. Docker Offload allows teams to enhance...
Source: Docker Blog
Deanna Sparks

Run and Iterate on LLMs Faster with Docker Model Runner on DGX Station

2026-03-31 17:57
🚀 Exciting updates from NVIDIA! The Docker Model Runner on the NVIDIA DGX Station now supports running large AI models locally. This enhances the user experience for developers familiar with Docker, allowing for easier model iteration. The DGX Station, featuring the powerful GB300 Grace Blackwell Ultra Desktop Superchip, offers superior performance compared to its predecessor, DGX Spark. With 252 GB of GPU memory, it is designed for advanced AI workloads. #NVIDIA #AI #Docker #TechUpdate...
Source: Docker Blog
Yiwen Xu

Docker Sandboxes: Run Agents in YOLO Mode, Safely

2026-03-31 16:39
🚀 Agents are transforming software development! Over 25% of production code is now AI-generated, and using agents can lead to a 60% increase in pull requests. However, to maximize these benefits, agents need to operate autonomously in what is called "YOLO mode." This poses risks if run directly on personal machines. Docker Sandboxes provide a safe environment, allowing agents to run freely within defined boundaries. This innovation enhances productivity and ensures strong isolation, reducing...
Source: Docker Blog
Srini Sekaran

Building a News Roundup with Docker Agent, Docker Model Runner, and Skill

2026-03-27 14:24
🚀 Exciting developments in IT automation! Philippe, a Principal Solutions Architect, has created a Docker Agent skill to streamline IT news roundups. By utilizing the Brave Search API, this skill fetches recent articles and processes them with a local model in Docker, generating structured Markdown reports. 📰 This setup allows users to minimize AI credit usage while maintaining a practical workflow. It requires Docker, a Brave Search account, and a local model capable of function calling....
Source: Docker Blog
Yiwen Xu

Trivy supply chain compromise: What Docker Hub users should know

2026-03-23 23:25
🚨 **Security Alert for Docker Hub Users** 🚨 A recent security incident has impacted users of the Aqua Security vulnerability scanner (Trivy). Between March 19 and March 23, 2026, compromised images (tags 0.69.4, 0.69.5, 0.69.6, and latest) may have exposed CI/CD secrets and cloud credentials. If you downloaded these images, please stop using them and rotate your credentials immediately. The compromised images have been removed from Docker Hub. For further monitoring, check your local image...
Source: Docker Blog
Aditya Tripathi

From the Captain’s Chair: Naga Santhosh Reddy Vootukuri

2026-03-18 16:00
🌟 Meet Naga Santhosh Reddy Vootukuri, a Principal Software Engineering Manager at Microsoft Azure SQL and a passionate Docker Captain! With over 17 years of experience, Sunny has contributed to notable CNCF projects like Dapr and Microcks. He actively shares his expertise through blogs, workshops, and conferences on topics such as cloud computing and microservices. Sunny's Docker journey began in 2016, sparked by a community event in Shanghai. His enthusiasm for knowledge sharing led him to...
Source: Docker Blog
Jennifer Kohl

Achieving Test Reliability for Native E2E Testing: Beyond Fixing Broken Tests

2026-03-13 13:00
End-to-end (E2E) testing is essential for native apps across platforms, yet maintaining test reliability is more complex than writing them. 📱💻 The fragmented device ecosystem, gaps in frameworks, and unstable environments contribute to test flakiness. Teams often find themselves in a cycle of fixing tests rather than addressing root causes, leading to reduced trust in their test suites. 🔄 To improve reliability, strategies for test ownership and observability are critical. Examining...
Source: Docker Blog
Jin Kim

How to Run Claude Code with Docker: Local Models, MCP Servers, and Secure Sandboxes

2026-03-13 12:17
Unlock the potential of Claude Code by running it with Docker! 🐳 This article explains how to set up Claude Code locally, allowing full control over data and infrastructure. It details connecting to MCP servers for seamless integration with tools like Jira and GitHub, enhancing automation in your workflow. ⚙️ Learn how to create secure sandboxes for safe execution of actions, ensuring your coding agents operate without compromising security. 🔒 #ClaudeCode #Docker #AIAssistant #MCP #Automation
Source: Docker Blog
Yiwen Xu

Secure Agent Execution with NanoClaw and Docker Sandboxes

2026-03-13 12:01
🚀 Agents are evolving into powerful, personal AI assistants that automate tasks and workflows. 🔒 NanoClaw, a lightweight framework, is now integrating with Docker Sandboxes to ensure secure agent execution. Each agent runs in a disposable MicroVM, enhancing isolation and security. 💡 This shift emphasizes transparency and controlled environments, allowing teams to inspect code easily while minimizing risks. With this approach, agents can operate autonomously without compromising security. #AI...
Source: Docker Blog
Jin Kim

Flexibility Over Lock-In: The Enterprise Shift in Agent Strategy

2026-03-12 12:50
📈 A recent survey found that 95% of developers prioritize building agents as they shift from demos to operational use. However, challenges remain, particularly concerning security and technical complexity. Many organizations face concerns over vendor lock-in, prompting a move towards multi-model and multi-cloud architectures for better control and compliance. ⚙️ Nearly 79% operate agents in multiple environments, with orchestration challenges being a significant hurdle. The focus is on...
Source: Docker Blog
Yiwen Xu

Building AI Teams: How Docker Sandboxes and Docker Agent Transform Development

2026-03-11 13:00
🚀 Exciting advancements in AI development are here! The article discusses how Docker Sandboxes and Docker Agent can revolutionize team collaboration. Instead of juggling multiple tasks, specialized AI agents handle distinct roles like product management, design, backend development, QA, and bug fixing. Each agent works autonomously, focusing on their expertise to streamline the development process. This innovative approach not only enhances efficiency but also reduces the workload on...
Source: Docker Blog
Jennifer Kohl

What’s Holding Back AI Agents? It’s Still Security

2026-03-10 12:59
AI agents are becoming a key focus for organizations, with 95% of surveyed developers prioritizing their development. 🚀 While 60% report having AI agents in production, security remains a significant barrier. 40% cite it as the top challenge, affecting infrastructure, operations, and governance. ⚖️ Organizations seek secure, trustworthy tools to enable scalability and efficiency. Current solutions, like Model Context Protocol (MCP), show promise but are not yet fully enterprise-ready. 🔒...
Source: Docker Blog
Yiwen Xu

Celebrating Women in AI: 3 Questions with Cecilia Liu on Leading Docker’s MCP Strategy

2026-03-06 12:59
🌟 In honor of International Women’s Day, we spoke with Cecilia Liu, Senior Product Manager at Docker, about her role in shaping Docker’s MCP solutions. Cecilia emphasizes the importance of making AI tooling accessible for developers, enabling secure and scalable deployment. She focuses on simplifying the user experience and enhancing developer productivity. Her insights reveal a commitment to addressing the unique challenges faced by both developers and enterprise customers. 🔗 #WomenInTech...
Source: Docker Blog
Yiwen Xu

Announcing Docker Hardened System Packages

2026-03-03 20:30
🚀 Exciting news for developers! Docker has announced Docker Hardened System Packages, enhancing security for your package manager. Last December, Docker made Hardened Images free, promoting strong security for all developers without complications. DHI is built on open-source foundations, allowing flexibility across different distributions like Alpine and Debian. With the new system packages, security is integrated deeper into the stack, ensuring consistency and reliability. The DHI catalog...
Source: Docker Blog
Vishrut Iyengar

Docker Model Runner Brings vLLM to macOS with Apple Silicon

2026-02-26 14:42
🚀 Exciting news for macOS users! Docker Model Runner now supports vllm-metal, enabling high-throughput LLM inference on Apple Silicon. This new backend integrates seamlessly with the existing vLLM infrastructure, allowing MLX models to be run with OpenAI-compatible APIs. Developed collaboratively by Docker and the vLLM project, vllm-metal uses Metal GPU and connects with PyTorch for enhanced performance. #Docker #vLLM #AppleSilicon #MachineLearning #AI
Source: Docker Blog
Yiwen Xu

Open WebUI + Docker Model Runner: Self-Hosted Models, Zero Configuration

2026-02-25 14:37
🚀 Exciting news for developers! Open WebUI and Docker Model Runner have integrated seamlessly, making self-hosted models easier to work with. Now, Open WebUI automatically connects to Docker Model Runner at localhost:12434 with zero configuration needed. This integration provides a hassle-free experience for managing models, allowing you to get started quickly. Simply run a command and access your models via a user-friendly web interface. For Docker Desktop users, remember to enable TCP...
Source: Docker Blog
Yiwen Xu