security
-
How to Measure DevSecOps Success: Key Metrics Explained
Discover two key metrics to measure your DevSecOps progression effectively. Learn how tracking security vulnerabilities over time and ensuring compliance with security policies can enhance your organization’s security posture, driving continuous improvement in your DevSecOps practices.
Read now
-
Docker Launches 2024 State of Application Development Report
The Docker 2024 State of Application Development Report offers insight into developers’ processes and tools, industry trends, Docker usage, and more.
Read now
-
Docker Announces SOC 2 Type 2 Attestation & ISO 27001 Certification
Docker demonstrates commitment to security by achieving SOC 2 Type 2 attestation and ISO 27001 certification.
Read now
-
Navigating Proxy Servers with Ease: New Advancements in Docker Desktop 4.30
Docker Desktop 4.30 offers new proxy authentication enhancements, especially on the Windows front, to ensure seamless integration and interaction.
Read now
-
Docker and JFrog Partner to Further Secure Docker Hub and Remove Millions of Imageless Repos with Malicious Links
Docker and JFrog partner further secure Docker Hub by removing millions of imageless repos with malicious links.
Read now
-
Debian’s Dedication to Security: A Robust Foundation for Docker Developers
We outline how and why Debian operates as a secure basis for development and makes a good choice for Docker Official Images.
Read now
-
From Misconceptions to Mastery: Enhancing Security and Transparency with Docker Official Images
Docker Official Images are an important component of Docker’s commitment to the security of both the software supply chain and open source software. We address three common misconceptions about Docker Official Images and outline seven ways they help secure the software supply chain.
Read now
-
OpenSSH and XZ/liblzma: A Nation-State Attack Was Thwarted, What Did We Learn?
Docker CTO Justin Cormack looks at what we can learn from malicious code in upstream tarballs of xz targeted at a subset of OpenSSH servers. “It is hard to overstate how lucky we were here, as there are no tools that will detect this vulnerability.”
Read now