Discover how Docker’s tools enhance software supply chain security, empowering teams to innovate securely at every stage of development.
secure software supply chain
Why Secure Development Environments Are Essential for Modern Software Teams
Secure development environments are the backbone of modern software teams, ensuring speed and innovation don’t come at the cost of vulnerabilities, inefficiencies, or eroded trust.
Building Trust into Your Software with Verified Components
Learn how Docker Hub and Docker Scout can help development teams ensure a more secure and compliant software supply chain.
Enhancing Container Security with Docker Scout and Secure Repositories
Discover how Docker Scout integrates with secure container repositories to ensure vulnerability-free and compliant images in highly secure environments.
Docker Scout Health Scores: Security Grading for Container Images in Your Docker Hub Repo
The Docker team introduces Docker Scout health scores to help quickly evaluate image health and simplify software security for developers.
From Misconceptions to Mastery: Enhancing Security and Transparency with Docker Official Images
Docker Official Images are an important component of Docker’s commitment to the security of both the software supply chain and open source software. We address three common misconceptions about Docker Official Images and outline seven ways they help secure the software supply chain.
OpenSSH and XZ/liblzma: A Nation-State Attack Was Thwarted, What Did We Learn?
Docker CTO Justin Cormack looks at what we can learn from malicious code in upstream tarballs of xz targeted at a subset of OpenSSH servers. “It is hard to overstate how lucky we were here, as there are no tools that will detect this vulnerability.”
Is Your Container Image Really Distroless?
Find out what makes an image distroless, tools that make the creation of distroless images practical, and security benefits of this approach.
Announcing Docker Scout Software Supply Chain Solution for Open Source Projects
Docker is now providing a free Docker Scout Team subscription to all Docker-Sponsored Open Source (DSOS) program participants.