Ying Li

Introducing Docker Secrets Management

Containers are changing how we view apps and infrastructure. Whether the code inside containers is big or small, container architecture introduces a change to how that code behaves with hardware – it fundamentally abstracts it from the infrastructure. Docker believes that there are three key components to container security and together they result in inherently safer apps. A critical element of building safer apps is having a secure way of communicating with other apps and systems, something that often requires credentials, tokens, passwords and other types of confidential information—usually referred to as application secrets. We are excited to introduce Docker Secrets, a container native solution that strengthens the Trusted Delivery component of container security by integrating secret distribution directly into the container platform. With containers, applications are now dynamic and portable across multiple environments. This  made existing secrets distribution solutions Continue reading…

Diogo Mónica

A Look Back at One Year of Docker Security

Security is one of the most important topics in the container ecosystem right now, and over the past year, our team and the community have been hard at work adding new security-focused features and improvements to the Docker platform.

Diogo Mónica

Introducing Docker Content Trust

Image Signing and Verification using The Update Framework (TUF) A common request that we’ve heard from the Docker community is the need to have strong cryptographic guarantees over what code and what versions of software are being run in your infrastructure. This is an absolute necessity for secure and auditable production deployments. To answer these needs, we are excited to announce a new feature in 1.8 called Docker Content Trust which integrates The Update Framework (TUF) into Docker using Notary, an open source tool that provides trust over any content.

Diogo Mónica

Understanding Docker Security and Best Practices

Nathan McCauley and I have been working on a bunch of things since joining Docker. One area that we noticed is lacking is in the availability of information around Docker architecture and best practices in securely configuring and deploying Dockerized applications. This knowledge exists across the vast community of Docker users but we realized that we just haven’t gotten around to writing it down and sharing with everyone else.   As part of that process, Jérôme Petazzoni and I joined representatives from VMware, Rakuten, Cognitive Scale and International Securities Exchange to collaborate with the Center for Internet Security on a benchmark for Docker Engine 1.6. The CIS Security Benchmarks program provides well-defined, unbiased and consensus-based industry best practices to help organizations assess and improve their security.   We believe that unbiased and community driven benchmarks like this are important in providing Continue reading…

Get the Latest Docker News by Email

Docker Weekly is a newsletter with the latest content on Docker and the agenda for the upcoming weeks.