Andrew Weiss

  We are excited to share that we have achieved formal FIPS 140-2 validation (Certificate #3304) from the National Institute of Standards and Technology (NIST) for our Docker Enterprise Edition Crypto Library. With this validation and industry-recognized seal of approval for cryptographic modules, we are able to further deliver on the fundamental confidentiality, integrity and availability objectives of information security and provide our commercial customers with a validated and secure platform for their applications. As required by the Federal Information Security Management Act (FISMA) and other regulatory technology frameworks like HIPAA and PCI, FIPS 140-2 is an important validation mechanism for protecting the sensitivity and privacy of information…

Continue reading...
Jenny Fong

We recently hosted IDC research manager Gary Chen as a guest speaker on a webinar where he shared results from a recent IDC survey on container and container platform adoption in the enterprise. IDC data shows that more organizations are deploying applications into production using containers, driving the need for container platforms like Docker Enterprise that integrate broad management capabilities including orchestration, security and access controls. The audience asked a lot of great questions about both the IDC data and containerizing production applications. We picked the top questions from the webinar and recapped them here. If you missed the webinar, you…

Continue reading...
Jenny Fong

As container technology adoption continues to advance and mature, companies now recognize the importance of an enterprise container platform. More than just a runtime for applications, a container platform provides a complete management solution for securing and operationalizing applications in containers at scale over the entire software lifecycle. While containers may have revolutionized the way developers package applications, container platforms are changing the way enterprises manage and secure both mission-critical legacy applications and microservices both on prem and across multiple clouds. Enterprises are beginning to see that container runtime and orchestration technologies alone don’t address these critical questions: Where did this…

Continue reading...
Andrew Weiss

Last year, we announced our pursuit of FIPS 140-2 validation of the Docker Enterprise container platform. This meant starting with the included cryptography components at the Docker Engine foundation to better address the rigorous security requirements of government agencies and others in regulated industries. Over the last year, we’ve progressed through the NIST Cryptographic Module Validation Program (CMVP), from “Implementation Under Test” to “Module In Process” and are nearing full completion of validation. Track our progress online at NIST’s CMVP website and as of this post, we are “Module In Process, Coordination”. We are anticipating full validation of Docker Engine – Enterprise in…

Continue reading...
John Harris

Over the last decade, the popularity of microservices and highly-scalable systems has increased, leading to an overall increase in the complexity of applications that are now distributed heavily across the network with many moving pieces and potential failure modes. This architectural evolution has changed the monitoring requirements and led to a need for scalable and insightful tooling and practices to enable us to better identify, debug and resolve issues in our systems before they impact the business and our end users (internal and/or external). I recently gave a talk at DockerCon SF 18 discussing functionality in Docker Enterprise that enables…

Continue reading...
Nicola Kabar

At Docker, we believe the best insights come from the developers and IT pros using the Docker platform every day. Since the launch of Docker Enterprise Edition, we learned three things from our customers. First, a top goal in enterprise IT is to deliver value to customers (internal business units or external clients)…and to do so fast. Second, most enterprises believe that Docker is at the center of their IT platform. Finally, most enterprises’ biggest challenge is moving their containerized applications to production in time to prove value. My DockerCon talk focused on addressing the third item, which seems to…

Continue reading...