Find the best container security workflow for your company with these key takeaways from DockerCon. We’ll cover mindset, structure, toolsets, and more.
security
Apache Log4j 2 CVE-2021-44228
Update: 13 December 2021 As an update to CVE-2021-44228, the fix made in version 2.15.0 was incomplete in certain non-default configurations. An additional issue was identified and is tracked with CVE-2021-45046. For a more complete fix to this vulnerability, it’s...
Join Us at SnykCon 2021!
This week is Snyk’s annual SnykCon virtual conference that aims to connect with the global developer and security communities and Docker is excited to participate as a gold sponsor for the second year! At last year’s conference, we discussed our partnership with Snyk...
Building a healthy and secure software supply chain
Securing the software supply chain is now an everyday concern for developers. As attackers increasingly target open-source components as a way to compromise the software supply chain, developers hold the keys to making their projects as secure as they can be. That’s...
Docker Security Roundup: News, Articles, Sessions
With the eyes of the security world converging on Black Hat USA next week, now is a good time to remember that building secure applications is paramount. In the latest chapter in Docker's security story, Docker CTO Justin Cormack last month provided an important...
Level Up Security with Scoped Access Tokens
Scoped tokens are here 💪! Scopes give you more fine grained control over what access your tokens have to your content and other public content on Docker Hub! It’s been a while since we first introduced tokens into Docker Hub (back in 2019!) and we are...
Bringing “docker scan” to Linux
At the end of last year we launched vulnerability scanning options as part of the Docker platform. We worked together with our partner Snyk to include security testing options along multiple points of your inner loop. We incorporated scanning options into the...
Combining Snyk Scans in Docker Desktop and Docker Hub to Deploy Secure Containers
Last week, we announced that the Docker Desktop Stable release includes vulnerability scanning, the latest milestone in our container security solution that we are building with our partner Snyk. You can now run Snyk vulnerability scans directly from the Docker...
Docker and Snyk Extend Partnership to Docker Official and Certified Images
Today we are pleased to announce that Docker and Snyk have extended our existing partnership to bring vulnerability scanning to Docker Official and certified images. As the exclusive scanning partner for these two image categories, Snyk will work with Docker to...