Docker, Inc

Introducing Docker AI Governance. Every team is racing to deploy agents. Engineering, marketing, finance, all moving faster than ever. But agents don’t just assist. They access private repos, customer data, production APIs, and in most cases, there’s no visibility into what they’re doing. To run agents at scale, you need a policy layer underneath everything. Sandbox, network, and MCP controls, defined once, enforced everywhere, and fully auditable. Docker AI Governance is now available, so teams can move fast without losing control. Learn more →

🎙️What happens when you let an AI agent run in YOLO mode? Mark Cavage has a pretty interesting take on the current wave of Agentic AI.. Mark helped build early AWS, co-founded Oracle Cloud Infrastructure, and now runs Docker, Inc as President & COO. He's spent two decades at the infrastructure layer — so when he talks about how agents actually run, it's worth paying attention. In this episode, Raja Iqbal sits down with Mark Cavage to explore: 🔹 Why cloud infrastructure is being rebuilt for the agentic era 🔹 What happens when AI writes, runs, and deploys its own code 🔹 1000x productivity. 1000x risk. Who's managing the gap? This one's for the engineers building with agents, the security leads wondering what's slipping through, the CTOs figuring out what "agentic" means for their stack, the founders deciding where to build, and anyone who's ever wondered what actually happens when you give an AI too much autonomy. Episode drops tomorrow | May 12 at 12 PM PDT. YouTube · Spotify · Apple Podcasts

Containers became the default path to production. That also made the container supply chain one of the biggest security risks teams now have to manage. At Devoxx UK, Docker Captain Matthias Haeussler gave a great talk on Docker Hardened Images - what you need to know, and the level of interest in the room was a clear signal. Developers are actively looking for better ways to handle container security, not as an afterthought, but as part of how software gets built and shipped. A strong indication of where the ecosystem is heading.

There’s a point where using hosted AI tools starts to feel limiting. This guide walks through setting up your own local image generation stack with Docker Model Runner and Open WebUI, running entirely on your machine. You get a chat interface, API access, and full control over models and data without relying on external services. What stands out is how simple the setup is, and how easily it fits into real workflows. Worth exploring if you’re building anything multimodal or want to keep things local. Read →

Running multiple AI agents at once? That’s where the real problems start, and you’ve probably already hit the edge of it: shared context, conflicting changes, resource contention, and unclear boundaries between agents. In the recent issue of the Docker Navigator, we break down what that looks like in practice: • Isolated environments for agents • Local models in real workflows • Security and reliability at scale This is where you find out if your setup actually works - and what it takes to make it reliable: https://bit.ly/3QHZcTA

Ever feel like Docker tutorials are either too simple… or way too convoluted? Docker Captain Saloni Narang just dropped a blog series that skips the analogies and gets straight to what actually matters. No “Docker is like a VM.” No mental gymnastics required. Instead, 7 Days of Docker takes you through things like: - What Actually Happens When You Type “docker run” - Why your image supply chain might be breaking down - How Docker Compose is actually used in practice It’s a from-the-inside-out explanation of Docker: how it really works and how it’s actually used. If Docker hasn’t quite “clicked” yet, this helps connect the dots: https://bit.ly/4esEp04

Platform teams often need golden images with internal requirements baked in. The challenge is keeping those customizations baked-in, as images are patched with every CVE. This video shows how Docker Hardened Image customizations let you define changes once, keep all attestations intact, and have those changes automatically persist across every patch. Watch now: https://bit.ly/3QRTSgk

Not all vulnerabilities are equal. In container environments, many CVEs exist in the filesystem but have no impact on how your application actually runs. Treating them the same creates false positives, slows teams down, and pulls focus away from real risk management. The new integration between Docker Hardened Images and Black Duck change that: → VEX data filters out vulnerabilities that are not exploitable → Binary analysis verifies what’s actually in the container within binary executables and libraries → Layer-aware insights separate base image noise from application risk → Policy automation enforces exploitability-driven triage at scale The result: fewer false positives, faster pipelines, and security teams focused on what actually matters. Read more →

Early bird discount tickets still available for WeAreDevelopers World Congress North America! This isn’t just another tech conference - with Docker as co-host, it’s a builders-first event focused on how software is actually being built today: from AI workflows to platform engineering, security, and real-world systems. Expect hands-on workshops, live builds, and sessions you can take back into your day-to-day work. If you’re planning to attend, now’s the time to lock it in. Get your ticket → https://bit.ly/4e7b7nD