Sign In Get Started
Newsletter

Docker Navigator: AI Execution, Secure Workflows, and Reliable Delivery

Issue #0028
April 16, 2026
Payal Sharma

Stay in the know

Stay up to date on the latest Docker news, opinions and tools.

Thank you for your interest. The Docker Team will be in touch.
Mar 10, 2026

What’s Holding Back AI Agents? It’s Still Security

Learn how AI agent security is holding teams back, where MCP comes in, and the recommended next steps for enterprises looking to scale their agentic workflows.

yiwen
Yiwen Xu

Read now

Docker Captain Mar 18, 2026

From the Captain’s Chair: Naga Santhosh Reddy Vootukuri

Docker Captains are leaders from the developer community that are both experts in their field and are passionate about sharing their Docker knowledge with others. “From the Captain’s Chair” is a blog series where we get a closer look at one Captain to learn more about them and their experiences.  Today we are interviewing Naga…

santhosh headshot Naga Santhosh Reddy Vootukuri
Naga Santhosh Reddy Vootukuri

Read now

Welcome to the April edition of Docker Navigator. Missed an issue? Read past issues in our collection

AI is starting to move from generating code to executing it, changing what developers need from the systems around it. At the same time, teams are working across more constrained and distributed environments, raising new expectations around where Docker can run and how workflows are secured. This edition explores how to run agents in isolated environments, build practical AI pipelines locally, extend Docker to new environments, and strengthen the reliability of everyday workflows.

Docker Sandboxes

Docker Sandboxes: Run Agents in YOLO Mode, Safely

Docker is introducing Sandboxes, a new way to run AI agents in “YOLO mode” safely. By isolating agents inside lightweight microVMs, developers can let them execute and iterate autonomously without risking their host environment or secrets. It reframes the tradeoff between speed and safety, making autonomous agent workflows practical from day one. Read the docs to get started.

Docker Offload now Generally Available: The Full Power of Docker, for Every Developer, Everywhere

Docker Offload is now generally available, bringing Docker to environments that previously couldn’t run it, including VDIs and locked-down machines. No workarounds, no compromises. It’s the same CLI, same workflows, and same Docker Desktop experience you already know, now available anywhere teams need to build. Learn more and get started in the docs.

Docker News

Trivy supply chain compromise: What Docker Hub users should know

Threat actors compromised Aqua Security’s CI/CD pipeline in March, pushing backdoored versions of the aquasec/trivy scanner to Docker Hub. This post explains what happened, how Docker responded, and what actions to take if you were impacted.

Gemma 4 is Here: Now Available on Docker Hub

Pull Gemma 4 from Docker Hub and start building with open multimodal models designed for efficient and high-performance inference.

Dive Deep: AI execution, secure workflows, and production reliability

AI is no longer just generating code – it’s starting to execute it. This month’s deep dives look at what that requires in practice, from isolated environments for autonomous agents to local model execution, along with the security and reliability foundations teams need to support it.

image5

AI agents need infrastructure, not just prompts

Docker is building toward a new model of software development where teams of AI agents can plan, build, and iterate in parallel. With Docker Agent and Sandboxes, each agent runs inside an isolated microVM, giving it the freedom to execute code, modify systems, and collaborate without risking the host environment.

Work like NanoClaw extends this further with a security layer designed for agent-driven workflows. A conversation between Warp CEO Zach Lloyd and Docker President Mark Cavage explores what it takes to scale agents beyond local environments, from orchestration and parallelism to safe execution. Together, this signals a shift from prompting individual models to orchestrating autonomous, multi-agent systems.

From running local models to building real workflows

Running models locally is only part of the story. With Docker Model Runner and NVIDIA DGX Station, developers can run powerful models close to where they work while maintaining control and performance.

The next step is turning that capability into repeatable workflows, like building a local news roundup pipeline that searches, analyzes, and structures information automatically. Together, these examples show how local AI moves from experimentation to practical, cost-efficient automation.

Securing software delivery in an automated world

Recent supply chain incidents are a reminder that security is no longer a single tool or checkpoint. This guide on defending your software supply chain outlines what engineering teams should be doing now, from tightening build pipelines to verifying dependencies and improving visibility across the lifecycle.

The focus is on practical steps that reduce risk without slowing teams down, especially as automation and AI become more embedded in development workflows.

Why end-to-end tests keep failing

End-to-end tests often fail for reasons unrelated to real regressions, creating noise and slowing teams down. This post on native E2E test reliability explores how to make testing more deterministic by addressing common sources of flakiness and improving environment consistency. The goal is simple: give developers tests they can trust so pipelines can move faster.

Around the Community

Connect with the Docker community to learn, ask questions, and stay up to date with what’s new in containerization. Explore the Docker Forum for active discussions and our Events page for what’s happening next.

  • In this thread, the community discusses implementing Docker MCP Toolkit inside a Docker sandbox. While MCP servers appear to load correctly, execution fails with SSL certificate verification errors. The issue stems from the sandbox’s proxy using a self-signed certificate that inner containers don’t trust. The community resolved this by explicitly adding and trusting the proxy’s CA certificate into the MCP container images.
  • Check out the newly launched Labs within Docker docs, where developers can complete hands-on workshops across AI apps, containers, and real-world development workflows.
  • Docker’s Ship Happens Podcast: watch the latest episodes Infrastructure, Engineering Trust, Efficiency, and Change and Systems Thinking for Modern Engineering to understand how modern systems fail, from hidden dependencies to DNS fragility, and how teams build resilience.

On the Calendar

Meet our Product and Engineering teams at leading tech conferences, where they share expertise, explore Docker’s latest advancements, and collaborate with the global tech community to shape the future of innovation.

  • AI Dev X 26 SF, The AI Developers Conference — San Francisco, CA, USA — April 28-29.
    Docker is heading to AI Dev 26, joining builders focused on taking AI into production. Tushar Jain (EVP of Engineering at Docker) will deliver a keynote, “Shipping Agents Safely: Boundaries That Actually Work.” Join us onsite and connect with the Docker team.

Can’t make it in person? Join upcoming Docker webinars live or on demand.

Explore our on-demand webinar library for sessions from Product and Engineering teams, including:

That’s a Wrap

Thank you for reading Docker Navigator! If you enjoyed this issue, please share it with your friends so they can subscribe now

Got any feedback or suggestions for our next issue? Send comments to newsletter@docker.com.