security

Docker Announces SOC 2 Type 2 Attestation & ISO 27001 Certification

Rachel Taylor
Jun 4, 2024

Docker, security, Security series

Docker demonstrates commitment to security by achieving SOC 2 Type 2 attestation and ISO 27001 certification.

• All
• Products
• Community
• Engineering
• Company

Navigating Proxy Servers with Ease: New Advancements in Docker Desktop 4.30

Gagan Arora
May 14, 2024

Docker Desktop, Docker for Windows, security

Docker Desktop 4.30 offers new proxy authentication enhancements, especially on the Windows front, to ensure seamless integration and interaction.

Docker and JFrog Partner to Further Secure Docker Hub and Remove Millions of Imageless Repos with Malicious Links

Rachel Taylor
Apr 30, 2024

Docker Hub, security

Docker and JFrog partner to further secure Docker Hub by removing millions of imageless repos with malicious links.

Debian’s Dedication to Security: A Robust Foundation for Docker Developers

David Dooling
Apr 4, 2024

developers, Docker Official Images, security

We outline how and why Debian operates as a secure basis for development and makes a good choice for Docker Official Images.

From Misconceptions to Mastery: Enhancing Security and Transparency with Docker Official Images

David Dooling
Apr 4, 2024

Docker Official Images, open source, Secure Software Supply Chain, security

Docker Official Images are an important component of Docker’s commitment to the security of both the software supply chain and open source software. We address three common misconceptions about Docker Official Images and outline seven ways they help secure the software supply chain.

OpenSSH and XZ/liblzma: A Nation-State Attack Was Thwarted, What Did We Learn?

Justin Cormack
Apr 1, 2024

Secure Software Supply Chain, security

Docker CTO Justin Cormack looks at what we can learn from malicious code in upstream tarballs of xz targeted at a subset of OpenSSH servers. “It is hard to overstate how lucky we were here, as there are no tools that will detect this vulnerability.”

Is Your Container Image Really Distroless?

Laurent Goderre
Mar 27, 2024

Kubernetes, Secure Software Supply Chain, security

Find out what makes an image distroless, tools that make the creation of distroless images practical, and security benefits of this approach.

Filter Out Security Vulnerability False Positives with VEX

David Karlsson & Tazin Progga
Mar 5, 2024

Docker Scout, security

False positives got you down? VEX works with Docker Scout to filter out false positives in security vulnerabilities. Learn how to get started with this powerful combo. 

Azure Container Registry and Docker Hub: Connecting the Dots with Seamless Authentication and Artifact Cache

Jason Dunne
Feb 29, 2024

containers, Docker Hub, Microsoft Azure, security

See best practices for using public images and ensuring the security and reliability of your Docker containers.