Christian Dupuis
Senior Principal Software Engineer, Docker
More by Christian
How Docker Hardened Images Patches Vulnerabilities in 24 hours
See how Docker Hardened Images patched Golang SSH CVEs in under 24 hours with Scout real-time CVE ingestion, automated rebuilds, SBOM clarity, and AI guardrails.
Read now
Docker Hardened Images: crafted by humans, protected by AI
At Docker, we are building our hardened images to exacting standards. That means carefully crafting by hand, because humans are still the best security architects. That said, we understand the value of AI and deploy it as an extra set of eyes at critical junctures in our Docker Hardened Image (DHI) build process. With this…
Read now
100% Transparency and Five Pillars
How to Do Hardened Images (and Container Security) Right Container security is understandably a hot topic these days, with more and more workloads running atop this mainstay of the cloud native landscape. While I might be biased because I work at Docker, it is safe to say that containers are the dominant form factor for…
Read now
The Supply Chain Paradox: When “Hardened” Images Become a Vendor Lock-in Trap
Explore the paradox of hardened container images—strong security gains but hidden vendor lock-in risks. Learn how to harden without losing control.
Read now
Remocal and Minimum Viable Models: Why Right-Sized Models Beat API Overkill
Cut costs, reduce latency, and build faster with right-sized AI. Learn why Remocal and Minimum Viable Models are the future of practical AI development.
Read now
Everyone’s a Snowflake: Designing Hardened Image Processes for the Real World
Why flexible hardened images drive real security. Learn how platform teams can balance security, usability, and developer happiness at scale.
Read now
Hard Questions: What You Should Really Be Asking Your Hardened Image Provider Before You Press the Buy Button
Not all hardened images are secure. Ask these 15+ critical questions to evaluate providers’ patching, flexibility, transparency, and CI/CD compatibility
Read now
Security Advisory: High Severity OpenSSL Vulnerabilities
UPDATE: The OpenSSL Project has officially disclosed two high-severity vulnerabilities: CVE-2022-3602 and CVE-2022-3786. These CVEs impact all OpenSSL versions after 3.0. The sole exception is version 3.0.7, which contains fixes for those latest vulnerabilities. Previously, these CVEs were thought to be “critical.” Learn more here.
Read now
Resolve Vulnerabilities Sooner With Contextual Data
OpenSSL 3.0.7 and “Text4Shell” won’t be the last critical vulnerabilities to plague your development team. Here’s how contextual data, Docker, and Atomist can help you remediate.
Read now
Security Advisory: CVE-2022-42889 “Text4Shell”
Learn more about the CVE-2022-42889, aka “Text4Shell” vulnerability in the “Apache Commons Text” Java library — and how Docker Security Scans identify it.
Read now
How Docker Hardened Images Patches Vulnerabilities in 24 hours
See how Docker Hardened Images patched Golang SSH CVEs in under 24 hours with Scout real-time CVE ingestion, automated rebuilds, SBOM clarity, and AI guardrails.
Read now
Docker Hardened Images: crafted by humans, protected by AI
At Docker, we are building our hardened images to exacting standards. That means carefully crafting by hand, because humans are still the best security architects. That said, we understand the value of AI and deploy it as an extra set of eyes at critical junctures in our Docker Hardened Image (DHI) build process. With this…
Read now
100% Transparency and Five Pillars
How to Do Hardened Images (and Container Security) Right Container security is understandably a hot topic these days, with more and more workloads running atop this mainstay of the cloud native landscape. While I might be biased because I work at Docker, it is safe to say that containers are the dominant form factor for…
Read now
The Supply Chain Paradox: When “Hardened” Images Become a Vendor Lock-in Trap
Explore the paradox of hardened container images—strong security gains but hidden vendor lock-in risks. Learn how to harden without losing control.
Read now
Remocal and Minimum Viable Models: Why Right-Sized Models Beat API Overkill
Cut costs, reduce latency, and build faster with right-sized AI. Learn why Remocal and Minimum Viable Models are the future of practical AI development.
Read now
Everyone’s a Snowflake: Designing Hardened Image Processes for the Real World
Why flexible hardened images drive real security. Learn how platform teams can balance security, usability, and developer happiness at scale.
Read now
Hard Questions: What You Should Really Be Asking Your Hardened Image Provider Before You Press the Buy Button
Not all hardened images are secure. Ask these 15+ critical questions to evaluate providers’ patching, flexibility, transparency, and CI/CD compatibility
Read now
Security Advisory: High Severity OpenSSL Vulnerabilities
UPDATE: The OpenSSL Project has officially disclosed two high-severity vulnerabilities: CVE-2022-3602 and CVE-2022-3786. These CVEs impact all OpenSSL versions after 3.0. The sole exception is version 3.0.7, which contains fixes for those latest vulnerabilities. Previously, these CVEs were thought to be “critical.” Learn more here.
Read now
Resolve Vulnerabilities Sooner With Contextual Data
OpenSSL 3.0.7 and “Text4Shell” won’t be the last critical vulnerabilities to plague your development team. Here’s how contextual data, Docker, and Atomist can help you remediate.
Read now
Security Advisory: CVE-2022-42889 “Text4Shell”
Learn more about the CVE-2022-42889, aka “Text4Shell” vulnerability in the “Apache Commons Text” Java library — and how Docker Security Scans identify it.
Read now