|
|
[Docker Navigator] Issue #24: Rethinking Microservices and Securing the Modern Supply Chain
|
|
|
In this issue, we look at how developers are building smarter and more secure systems with Docker. You’ll see when a modular monolith can outperform microservices, how Docker Hardened Images and Docker Scout respond to real supply chain attacks, and how MCP and Sandboxes help you run safer AI agents. We also highlight faster model inference with vLLM, practical guidance for Hardened Images trials, and the latest on-demand sessions across AI and supply chain security.
|
|
|
Microservices can unlock flexibility, but they also add operational overhead that many teams do not need. With Docker, a modular monolith or SOA can deliver the consistency and scale teams expect while keeping governance, security, and development workflows manageable.
See how Docker Hardened Images patched Golang SSH CVEs in under 24 hours with Scout real-time CVE ingestion, automated rebuilds, SBOM clarity, and AI guardrails.
How tool poisoning turned WhatsApp into a data exfiltration channel, and how Docker MCP Gateway blocked it with validation, network isolation, and audit logging.
|
|
|
|
|
|
|
Docker Desktop 4.50 speeds up debugging with improved breakpoints, cleaner step-through behavior, and smoother IDE integration. The release strengthens enterprise security controls, improves Windows and WSL2 reliability, and introduces early MCP support so developers can start integrating AI into their workflows.
New research from theCUBE highlights how Docker improves supply chain security and reduces the effort required to stay compliant. Teams get clearer visibility, faster remediation, and guardrails that fit directly into existing workflows.
Mark Lechner, Docker’s CISO, shares his vision for a future where Docker not only powers the software supply chain, but actively safeguards it.
Shai Hulud 2.0 created widespread supply chain risk, and Docker Scout responded by ingesting the malware indicators, scanning protected images, and correlating SBOMs to confirm exposure. The article highlights how this automated pipeline gave developers fast and reliable insight during an active attack.
Docker identified the origin of the vulnerability in a nested open source dependency and partnered with the upstream project to ship a fix. The blog covers how this approach ensures the patch reaches all downstream users and reinforces the health of shared infrastructure.
|
|
|
Dive Deep: Build, Test, and Scale AI Agents with Docker
|
|
|
Explore how teams are configuring and connecting MCP agents, running secure agent workflows in Docker Sandboxes, accelerating model inference with vLLM, and evaluating image security more effectively with Docker Hardened Images.
|
|
|
|
|
Build and Secure AI Agents with Docker MCP
|
|
|
|
|
Run Coding Agents Safely with Docker Sandboxes
|
|
|
Docker Sandboxes lets developers use coding agents without risking changes to the host machine. This post shows how container isolation, workspace mounting, and restricted permissions create a secure environment for agent-driven workflows.
|
|
|
Run High-Throughput Models with Docker Model Runner and vLLM
|
|
|
|
|
Get More from Your Docker Hardened Images Trial
|
|
|
|
|
Watch: AI Guide to the Galaxy
|
|
|
|
|
|
|
Connect with the Docker community to learn, ask questions, and stay up to date with what’s new in containerization. Explore the
Docker Forum for active discussions and our
Events page for what’s happening next. Here’s a recent thread from the forum:
|
|
|
|
|
This month offers a fully
on-demand webinar lineup with sessions that help you improve AI workflows, strengthen your supply chain, and stay current with Docker’s latest tools. Explore the newest sessions:
|
|
|
|
|
Thank you for reading Docker Navigator! If you enjoyed this issue, please share it with your friends so they can
subscribe now.
|
|
|
|
|
|
|
