security
-
Docker Security Advisory: Multiple Vulnerabilities in runc, BuildKit, and Moby
Docker security advisory about multiple vulnerabilities in runc, BuildKit, and Moby: We will publish patched versions of runc, BuildKit, and Moby on January 31 and release an update for Docker Desktop on February 1 to address these vulnerabilities. Additionally, our latest Moby and BuildKit releases will include fixes for CVE-2024-23650 and CVE-2024-24557, discovered respectively by an independent researcher and through Docker’s internal research initiatives.
Read now
-
EJBCA and Docker — Streamlining PKI Management and TLS Certificate Issuance
Learn how to deploy EJBCA as a Docker container, making your infrastructure setup more modern, efficient, and flexible for your security and certificate management needs.
Read now
-
How to Enhance Application Security Posture with Docker Scout Policies
Learn how Docker Scout policies can help development and security teams define and achieve an ideal application security posture for organizations.
Read now
-
How to Use OpenPubkey to SSH Without SSH Keys
Learn how OpenPubkey SSH (OPK SSH) allows you to use your regular email account or SSO to log in and securely connect to an SSH server.
Read now
-
How to Use OpenPubkey with GitHub Actions Workloads
Learn how to use OpenPubkey to bind public keys to workload identities using GitHub Actions and Docker. And find out how Docker is using OpenPubkey with GitHub Actions to sign Docker Official Images and improve supply chain security.
Read now
-
Using Authenticated Logins for Docker Hub in Google Cloud
Learn four best practices that your teams can implement to maintain a secure and reliable software delivery process with Docker Hub in Google Cloud. With these guidelines, you can leverage the benefits of open source software while safeguarding your development workflow.
Read now
-
Achieve Security and Compliance Goals with Policy Guardrails in Docker Scout
We show how Docker Scout policies enable teams to identify, prioritize, and fix their software quality issues at the point of creation.
Read now
-
Signing Docker Official Images Using OpenPubkey
Learn about the updated Docker Official Images (DOI) signing strategy and how OpenPubkey can be leveraged to smooth the flow and decrease the number of third-party entities the verifier is required to trust.
Read now