fidzu : Docker

This is Part 2 of our MCP Horror Stories series, an in-depth look at real-world security incidents exposing the vulnerabilities in AI infrastructure, and how the Docker MCP Toolkit delivers enterprise-grade protection. The Model Context Protocol (MCP) promised to be the "USB-C for AI applications" - a universal standard enabling AI agents like ChatGPT, Claude,...

07 Aug 2025 6:04pm GMT

Federal Risk and Authorization Management Program (FedRAMP) compliance costs typically range from $450,000 to over $2 million and take 12 to 18 months to achieve, time your competitors are using to capture government contracts. While you're spending months configuring FIPS cryptography, hardening security baselines, and navigating 400+ security controls, your competitors are already shipping to...

06 Aug 2025 3:00pm GMT

We launched Docker Hardened Images (DHI) in May, and in just two and a half months, adoption has accelerated rapidly across industries. From nimble startups to global enterprises, organizations are turning to DHI to achieve near-zero CVEs, shrink their attack surface, and harden their software supply chain, all without slowing down developers. In a short...

06 Aug 2025 2:00pm GMT

Hardened container images and distroless software are the new hotness as startups and incumbents alike pile into the fast-growing market. In theory, hardened images provide not only a smaller attack surface but operational simplicity. In practice, there remains a fundamental - and often painful - tension between the promised security perfection of hardened images and...

05 Aug 2025 6:54pm GMT

In the rapidly evolving landscape of software development, integrating modern AI tools is essential to boosting productivity and enhancing the developer experience. One such advancement is the integration of Docker's Model Context Protocol (MCP) Toolkit with Visual Studio Code's GitHub Copilot Agent Mode. This powerful combination transforms how developers interact with containerized applications, enabling autonomous...

04 Aug 2025 8:10pm GMT

When evaluating hardened image providers, don't just look for buzzwords like "zero-CVE" or "minimal." True security in a dynamic environment demands a nuanced understanding of their process, their commitment, and their flexibility. For platform, DevOps, and SecOps teams, these are the critical questions that reveal whether a provider offers genuine security that enhances your workflow,...

04 Aug 2025 7:08pm GMT

Generative AI (GenAI) and the models behind it have already reshaped how developers write code and build applications. But a new class of artificial intelligence is emerging: agentic AI. Unlike GenAI, which focuses on content generation, agentic systems can plan, reason, and take actions across multiple steps, enabling a new approach to building intelligent, goal-driven...

31 Jul 2025 7:00pm GMT

This is issue 1 of a new series - MCP Horror Stories - where we will examine critical security issues and vulnerabilities in the Model Context Protocol (MCP) ecosystem and how Docker MCP Toolkit provides enterprise-grade protection against these threats. What is MCP? The Model Context Protocol (MCP) is a standardized interface that enables AI...

31 Jul 2025 4:00pm GMT

In our recent report, we describe that many enterprises today face a stark reality: despite years of digital transformation efforts, the majority of enterprise workloads-up to 80%-still run on legacy systems. This lag in modernization not only increases operational costs and security risks but also limits the agility needed to compete in a rapidly evolving...

29 Jul 2025 4:46pm GMT

Docker Content Trust (DCT) was introduced 10 years ago as a way to verify the integrity and publisher of container images using The Update Framework (TUF) and the Notary v1 project. However, the upstream Notary codebase is no longer actively maintained and the ecosystem has since moved toward newer tools for image signing and verification....

29 Jul 2025 4:41pm GMT