This is part of the Powered by Docker series, where we feature use cases and success stories from Docker partners and practitioners. This story was contributed by Ryan Wanner. Ryan has more than fifteen years of experience as an entrepreneur and 3 years in AI space developing software and is the founder of Open Source
arXiv:2510.03720v1 Announce Type: new Abstract: Linux Seccomp is widely used by the program developers and the system maintainers to secure the operating systems, which can block unused syscalls for different applications and containers to shrink the attack surface of the operating systems. However, it is difficult to configure the whitelist of a container or application without the help of program developers. Docker containers block about only 50 syscalls by default, and lots of unblocked...
Developers can now discover and run IBM's latest open-source Granite 4.0 language models from the Docker Hub model catalog, and start building in minutes with Docker Model Runner. Granite 4.0 pairs strong, enterprise-ready performance with a lightweight footprint, so you can prototype locally and scale confidently. The Granite 4.0 family is designed for speed, flexibility,
Every organization we speak with shares the same goal: to deliver software that is secure and free of CVEs. Near-zero CVEs is the ideal state. But achieving that ideal is harder than it sounds, because paradoxes exist at every step. Developers patch quickly, yet new CVEs appear faster than fixes can ship. Organizations standardize on
Last week, Docker was thrilled to be part of the inaugural AI Engineer Paris, a spectacular European debut that brought together an extraordinary lineup of speakers and companies. The conference, organized by the Koyeb team, made one thing clear: the days of simply sprinkling 'AI dust' on applications are over. Meaningful results demand rigorous engineering,
I've been experimenting with local models for a while now, and the progress in making them accessible has been exciting. Initial experiences are often fantastic, many models, like Gemma 3 270M, are lightweight enough to run on common hardware. This potential for broad deployment is a major draw. However, as I've tried to build meaningful,
arXiv:2506.08218v2 Announce Type: replace Abstract: Containerisation is a popular deployment process for application-level virtualisation using a layer-based approach. Docker is a leading provider of containerisation, and through the Docker Hub, users can supply Docker images for sharing and re-purposing popular software application containers. Using a combination of in-built inspection commands, publicly displayed image layer content, and static image scanning, Docker images are designed to...
Development teams are under growing pressure to secure their software supply chains. Teams need trusted images, streamlined deployments, and compliance-ready tooling from partners they can rely on long term. Our customers have made it clear that they're not just looking for one-off vendors. They're looking for true security partners across development and deployment. That's why
Today, we want to highlight Docker MCP Toolkit, a free feature in Docker Desktop that gives you access to more than 200 MCP servers. It's the easiest and most secure way to run MCP servers locally for your AI agents and workflows. The MCP toolkit allows you to isolate MCP servers in containers, securely configure
Hi everyone, Docker has been claiming ISO 27001 certification since April 2024. However, I haven't been able to find any publicly available certificate documents, unlike with other providers (e.g. AWS). Multiple inquiries through official channels have gone unanswered. This is unusual, since ISO 27001 certificates don't contain sensitive information and are normally made accessible either directly by the company or via the certification body. Does anyone have access to Docker's ISO 27001...
Hi, I am not a security expert, but I had a question about cybersecurity in a historic sense. Is the internet safer, in the sense that it is harder to hack into computers or accounts? Developers have more memory safety in programming languages like Rust, a better understanding of attack vectors, and the standard software packages we use seem to come with good security. We also have two factor authentication, and probably better ways to isolate processes on some systems, like Docker, and better...
ShadowV2 exploits AWS Docker flaws to deliver advanced DDoS-for-hire attacks.
The Docker Customer Success and Technical Account Management organizations are excited to introduce the Premium Support and TAM service - a new service designed to extend Docker's support to always-on 24/7, priority SLAs, expert guidance, and TAM add-on services. We have carefully designed these new services to support our valued customers' developers and global business
Promptfoo is an open-source CLI and library for evaluating LLM apps. Docker Model Runner makes it easy to manage, run, and deploy AI models using Docker. The Docker MCP Toolkit is a local gateway that lets you set up, manage, and run containerized MCP servers and connect them to AI agents. Together, these tools let
trivy is good, but it's done by horrible people. since we don't want to support that, what can we use? something that scans : terraform, dockerfiles, docker images, k8s clusters. submitted by /u/m0jo-r0jo [link] [comments]
A sophisticated cybercrime campaign has emerged that transforms legitimate AWS infrastructure into weaponized attack platforms through an innovative combination of containerization and distributed denial-of-service capabilities. The ShadowV2 botnet represents a significant evolution in cyber threats, leveraging exposed Docker daemons on Amazon Web Services EC2 instances to establish persistent footholds for large-scale DDoS operations. This campaign
There is a chance that this idea already exists, but maybe not. So the idea is to simply open emails(and the links within) in a docker-like container and monitor what the link does and determine whether or not the link is malicious. If anyone knows software that's has this implemented please let me know the name. submitted by /u/cama888 [link] [comments]
This is Part 4 of our MCP Horror Stories series, where we examine real-world security incidents that expose the devastating vulnerabilities in AI infrastructure and demonstrate how Docker MCP Gateway provides enterprise-grade protection against sophisticated attack vectors. The Model Context Protocol (MCP) has transformed how developers integrate AI agents with their development environments. Tools like
Cybersecurity researchers have disclosed details of a new botnet that customers can rent access to conduct distributed denial-of-service (DDoS) attacks against targets of interest. The ShadowV2 botnet, according to Darktrace, predominantly targets misconfigured Docker containers on Amazon Web Services (AWS) cloud servers to deploy a Go-based malware that turns infected systems into attack nodes
Following on from our previous initiative to improve how Docker Desktop delivers updates, we are excited to announce another major improvement to how Docker Desktop keeps your development tools up to date. Starting with Docker Desktop 4.46, we're introducing automatic component updates and a completely redesigned update experience that puts your productivity first. Why We're