Docker Blog | Docker

Docker Blog

Docker Sandboxes: Run Agents in YOLO Mode, Safely

Agents have crossed a threshold. Over a quarter of all production code is now AI-authored, and developers who use agents are merging roughly 60% more pull requests. But these gains only come when you let agents run autonomously. And to unlock that, you have to get out of the way. That means letting agents run…

Read now

Products Community Engineering Company

Apr 23, 2026

Trivy, KICS, and the shape of supply chain attacks so far in 2026

We caught a malicious image pushed to checkmarx/kics on Docker Hub, the image was quarantined, and we coordinated response with Socket and Checkmarx. This blog walks through what happened and why we believe open, fast collaboration is the key to responding to this new pattern of emerging supply chain attacks.

Docker Security

Read now
Apr 16, 2026

Why MicroVMs: The Architecture Behind Docker Sandboxes

Last week, we launched Docker Sandboxes with a bold goal: to deliver the strongest agent isolation in the market. This post unpacks that claim, how microVMs enable it, and some of the architectural choices we made in this approach. The Problem With Every Other Approach Every sandboxing model asks you to give something up. We…

Srini Sekaran
and
Craig Gumbley

Read now
Apr 14, 2026

Why We Chose the Harder Path: Docker Hardened Images, One Year Later

We’re coming up on a year since launching Docker Hardened Images (DHI) this May, and in this blog we celebrate the milestones, talk about our approach, and look at some practices in the industry.

Christian Dupuis

Read now
Apr 13, 2026

How to Analyze Hugging Face for Arm64 Readiness

Learn how to scan Hugging Face Spaces for Arm64 readiness using Docker MCP Toolkit and Arm MCP Server in minutes.

Ajeet Singh Raina

Read now
Apr 8, 2026

Reclaim Developer Hours through Smarter Vulnerability Prioritization with Docker and Mend.io

We recently announced the integration between Mend.io and Docker Hardened Images (DHI) provides a seamless framework for managing container security. By automatically distinguishing between base image vulnerabilities and application-layer risks, it uses VEX statements to differentiate between exploitable vulnerabilities and non-exploitable vulnerabilities, allowing your team to prioritize what really matters. TL;DR: The Developer Value Proposition…

Adam Dawson
and
Dor Hayun

Read now
Apr 2, 2026

Defending Your Software Supply Chain: What Every Engineering Team Should Do Now

The latest supply chain attack wave is not a single incident to respond to. It is a permanent shift in the threat landscape. In this blog by the Docker CISO Mark Lechner, we share the recommended best practice we use to protect ourselves.

Mark Lechner

Read now
Apr 2, 2026

Gemma 4 is Here: Now Available on Docker Hub

Pull Gemma 4 from Docker Hub and start building with open multimodal models designed for efficient and high-performance inference.

Eric Curtin

Read now
Apr 2, 2026

Docker Offload now Generally Available: The Full Power of Docker, for Every Developer, Everywhere.

Docker Offload is now generally available. Docker runs in any environment, even VDIs, no workarounds, no compromise. Built for enterprise teams.

Deanna Sparks
and
Maxine Slaveck

Read now