Security
-
Jun 11, 2026
Docker Hardened Images enhanced vulnerability scanning with Docker and Aikido
Aikido now scans Docker Hardened Images (DHI) with built-in VEX support. Vulnerabilities that Docker has verified as non-exploitable drop out of the queue automatically, so developers spend their time on findings that actually matter. This post walks through what changed, why it matters, and how users can benefit from the new integration. Why teams are…
Read now
-
Apr 23, 2026
Trivy, KICS, and the shape of supply chain attacks so far in 2026
We caught a malicious image pushed to checkmarx/kics on Docker Hub, the image was quarantined, and we coordinated response with Socket and Checkmarx. This blog walks through what happened and why we believe open, fast collaboration is the key to responding to this new pattern of emerging supply chain attacks.
Read now
-
Mar 13, 2026
Secure Agent Execution with NanoClaw and Docker Sandboxes
NanoClaw integrates with Docker Sandboxes to run AI agents in disposable MicroVMs, combining transparency and isolation for secure execution.
Read now
-
Mar 3, 2026
Announcing Docker Hardened System Packages
Secure your container stack from the base image down. Docker Hardened System Packages offer multi-distro, secure-by-default components with near-zero CVEs.
Read now
-
Feb 10, 2026
Hardened Images Are Free. Now What?
Docker Hardened Images are now free. Learn the waterline model, supply chain isolation, VEX, and policy automation to cut CVE noise and meet compliance.
Read now
-
Dec 19, 2025
Docker Hardened Images: Security Independently Validated by SRLabs
Earlier this week, we took a major step forward for the industry. Docker Hardened Images (DHI) is now available at no cost, bringing secure-by-default development to every team, everywhere. Anyone can now start from a secure, minimal, production-ready foundation from the first pull, without a subscription. With that decision comes a responsibility: if Docker Hardened Images become…
Read now
-
Dec 14, 2025
Private MCP Catalogs and the Path to Composable Enterprise AI
See how private MCP catalogs as OCI artifacts enable trusted, versioned discovery, dynamic toolchains, and GitOps-friendly, sandboxed agents for enterprise AI.
Read now
-
Nov 25, 2025
Securing the software supply chain shouldn’t be hard. According to theCUBE Research, Docker makes it simple
In today’s software-driven economy, securing software supply chains is no longer optional, it’s mission-critical. Yet enterprises often struggle to balance developer speed and security. According to theCUBE Research, 95% of organizations say Docker improved their ability to identify and remediate vulnerabilities, while 79% rate it highly effective at maintaining compliance with security standards. Docker embeds…
Read now