A Secure Supply Chain for Kubernetes, Part 2
Two weeks ago we shared how the upcoming release of Docker Enterprise Edition (Docker EE) is able to secure the software supply chain for Kubernetes; just as it does for Docker Swarm through a combination of scanning for vulnerabilities and implementing image promotion pol...
Securing the Enterprise Software Supply Chain Using Docker
At Docker we have spent a lot of time discussing runtime security and isolation as a core part of the container architecture. However that is just one aspect of the total software pipeline. Instead of...
Docker Content Trust Gets Hardware Signing
Three months ago we launched Docker Content Trust, integrating the guarantees from The Update Framework (TUF) into Docker using Notary, an open source tool that provides trust over any content. Today...