Justin Cormack
-
Securing Model Context Protocol: Safer Agentic AI with Containers
Learn about the new challenges of MCP security, where many current MCP tools fall short, and how containers help maintain best practices.
Read now
-
Highlights from Microsoft Build: Docker’s Innovations with AI and Windows on Arm
Windows is back! Docker CTO Justin Cormack talks about this and other takeaways from Microsoft Build 2024, including recently announced (and long-awaited) Docker Desktop support for Windows on Arm.
Read now
-
OpenSSH and XZ/liblzma: A Nation-State Attack Was Thwarted, What Did We Learn?
Docker CTO Justin Cormack looks at what we can learn from malicious code in upstream tarballs of xz targeted at a subset of OpenSSH servers. “It is hard to overstate how lucky we were here, as there are no tools that will detect this vulnerability.”
Read now
-
Docker Acquires Mutagen for Continued Investment in Performance and Flexibility of Docker Desktop
Docker acquires Mutagen, the open source software leveraging file synchronization and networking technologies, to invest in the future of Docker Desktop.
Read now
-
Announcing Docker SBOM: A step towards more visibility into Docker images
Image visibility and transparency are key to securing your software supply chain. Learn how our Docker SBOM feature highlights core image components.
Read now
-
Investing In Performance, Trust and Great Experiences for Developers
Docker is nine years old? Seems both like yesterday and a long time ago! The technology world has changed a lot since then, and Docker has played a key role in making it easy for developers to build and ship applications wherever they’re needed. What were the key changes that Docker introduced? Well, when Docker…
Read now
-
Apache Log4j 2 CVE-2021-44228
Update: 13 December 2021 As an update to CVE-2021-44228, the fix made in version 2.15.0 was incomplete in certain non-default configurations. An additional issue was identified and is tracked with CVE-2021-45046. For a more complete fix to this vulnerability, it’s recommended to update to Log4j2 2.16.0. ————————————————————————————- Original post below has now been updated: 15…
Read now
-
Docker Verified Publisher: Trusted Sources, Trusted Content
November 2024 update: Announcing Upgraded Docker Plans: Simpler, More Value, Better Development and Productivity — Six months since its launch at DockerCon, the Docker Verified Publisher program delivers on its promise to developers and partners alike The Docker Verified Publisher program means trusted content and trusted sources for the millions of Docker users. At the…
Read now