fidzu : Docker

If you've worked with local language models, you've probably run into the context window limit, especially when using smaller models on less powerful machines. While it's an unavoidable constraint, techniques like context packing make it surprisingly manageable. Hello, I'm Philippe, and I am a Principal Solutions Architect helping customers with their usage of Docker. In...

13 Feb 2026 1:57pm GMT

Docker Hardened Images are now free, covering Alpine, Debian, and over 1,000 images including databases, runtimes, and message buses. For security teams, this changes the economics of container vulnerability management. DHI includes security fixes from Docker's security team, which simplifies security response. Platform teams can pull the patched base image and redeploy quickly. But free...

10 Feb 2026 2:00pm GMT

Open source components power most modern applications. A new generation of hardened container images can establish a more secure foundation, but even with hardened images, vulnerability scanners often return dozens or hundreds of CVEs with little prioritization. This noise slows teams down and complicates security triage. The VEX (Vulnerability Exploitability eXchange) standard addresses the problem...

05 Feb 2026 11:25pm GMT

We're excited to announce that the remote Atlassian Rovo MCP server is now available in Docker's MCP Catalog and Toolkit, making it easier than ever to connect AI assistants to Jira and Confluence. With just a few clicks, technical teams can use their favorite AI agents to create and update Jira issues, epics, and Confluence...

04 Feb 2026 1:52pm GMT

Every time execution models change, security frameworks need to change with them. Agents force the next shift. The Unattended Laptop Problem No developer would leave their laptop unattended and unlocked. The risk is obvious. A developer laptop has root-level access to production systems, repositories, databases, credentials, and APIs. If someone sat down and started using...

04 Feb 2026 2:02am GMT

We introduced Docker Sandboxes in experimental preview a few months ago. Today, we're launching the next evolution with microVM isolation, available now for macOS and Windows. We started Docker Sandboxes to answer the question: How do I run Claude Code or Gemini CLI safely? Sandboxes provide disposable, isolated environments purpose-built for coding agents. Each agent...

30 Jan 2026 11:39pm GMT

Personal AI assistants are transforming how we manage our daily lives-from handling emails and calendars to automating smart homes. However, as these assistants gain more access to our private data, concerns about privacy, data residency, and long-term costs are at an all-time high. By combining Clawdbot with Docker Model Runner (DMR), you can build a...

26 Jan 2026 8:51pm GMT

We recently showed how to pair OpenCode with Docker Model Runner for a privacy-first, cost-effective AI coding setup. Today, we're bringing the same approach to Claude Code, Anthropic's agentic coding tool. This post walks through how to configure Claude Code to use Docker Model Runner, giving you full control over your data, infrastructure, and spend....

26 Jan 2026 1:11pm GMT

Customizing Docker Hardened Images In Part 1 and Part 2, we established the baseline. You migrated a service to a Docker Hardened Image (DHI), witnessed the vulnerability count drop to zero, and verified the cryptographic signatures and SLSA provenance that make DHI a compliant foundation. But no matter how secure a base image is, it...

25 Jan 2026 5:51pm GMT

Verifying Security and Compliance of Docker Hardened Images In Part 1 of this series, we migrated a Node.js service to Docker Hardened Images (DHI) and measured impressive results: 100% vulnerability elimination, 90% package reduction, and 41.5% size decrease. We extracted the SBOM and saw compliance labels for FIPS, STIG, and CIS. The numbers look compelling....

24 Jan 2026 8:24pm GMT