Christian Dupuis
-
Docker Hardened Images: crafted by humans, protected by AI
At Docker, we are building our hardened images to exacting standards. That means carefully crafting by hand, because humans are still the best security architects. That said, we understand the value of AI and deploy it as an extra set of eyes at critical junctures in our Docker Hardened Image (DHI) build process. With this…
Read now
-
100% Transparency and Five Pillars
How to Do Hardened Images (and Container Security) Right Container security is understandably a hot topic these days, with more and more workloads running atop this mainstay of the cloud native landscape. While I might be biased because I work at Docker, it is safe to say that containers are the dominant form factor for…
Read now
-
The Supply Chain Paradox: When “Hardened” Images Become a Vendor Lock-in Trap
Explore the paradox of hardened container images—strong security gains but hidden vendor lock-in risks. Learn how to harden without losing control.
Read now
-
Remocal and Minimum Viable Models: Why Right-Sized Models Beat API Overkill
Cut costs, reduce latency, and build faster with right-sized AI. Learn why Remocal and Minimum Viable Models are the future of practical AI development.
Read now
-
Everyone’s a Snowflake: Designing Hardened Image Processes for the Real World
Why flexible hardened images drive real security. Learn how platform teams can balance security, usability, and developer happiness at scale.
Read now
-
Hard Questions: What You Should Really Be Asking Your Hardened Image Provider Before You Press the Buy Button
Not all hardened images are secure. Ask these 15+ critical questions to evaluate providers’ patching, flexibility, transparency, and CI/CD compatibility
Read now
-
Security Advisory: High Severity OpenSSL Vulnerabilities
UPDATE: The OpenSSL Project has officially disclosed two high-severity vulnerabilities: CVE-2022-3602 and CVE-2022-3786. These CVEs impact all OpenSSL versions after 3.0. The sole exception is version 3.0.7, which contains fixes for those latest vulnerabilities. Previously, these CVEs were thought to be “critical.” Learn more here.
Read now
-
Resolve Vulnerabilities Sooner With Contextual Data
OpenSSL 3.0.7 and “Text4Shell” won’t be the last critical vulnerabilities to plague your development team. Here’s how contextual data, Docker, and Atomist can help you remediate.
Read now