Docker, Inc

Across the Ship Happens episodes, a clear pattern emerges: the infrastructure around AI is becoming just as important as the models themselves. We've collected some of our favorite AI conversations in one place. This episode brings together perspectives on trust, governance, and what happens after the model - when agents become part of real workflows. Watch → https://lnkd.in/esPKpEzm

A lot of security guidance for AI agents feels incomplete. Not because it's wrong, but because agents behave fundamentally differently from the applications most teams are used to protecting. This guide breaks down the security domains that matter most once agents start executing code, accessing systems, and acting on your behalf, and how teams are approaching them in practice. Read →

Agents are helping teams generate more code than ever. So why aren't organizations shipping proportionally faster? Docker CISO Mark Lechner’s LeadDev London session, “Ship 10x Code Safely with Agents,” digs into the trust gap that appears as agents gain access to internal systems, private data, and production workflows. Using real-world examples, he breaks down why both constant approval prompts and unrestricted "YOLO mode" fail at enterprise scale - and what effective governance looks like in practice. Watch on demand → https://bit.ly/4oJgIUw

AI governance is becoming one of the most talked-about topics in AI. The challenge is that a lot of the guidance assumes you're governing models, not agents. Agents behave differently. They choose tools at runtime, chain actions together, pass data between systems, and operate with a level of autonomy traditional security models weren't built around. This guide breaks down the core governance principles, frameworks, and the controls that organizations are building around AI systems today. If you're trying to understand how governance translates from policy into day-to-day development and operations, this helps connect those dots. Read →

Your agents can write code, call APIs, modify files, and spin up containers. That's exactly what makes them useful. It's also why it’s just a little terrifying if they’re running loose on your host machine. On June 24, we're partnering with Data Science Dojo for a hands-on virtual workshop to address this: “Running LLM Agents Safely with Docker Sandboxes.” Docker Developer Success Advocate Dan Ndombe will walk through building a secure runtime environment where agents can actually do their jobs - without turning your filesystem into a crime scene. You'll come away with: • A working sandboxed agent setup • A clear framework for permission controls and runtime isolation • Patterns you can apply immediately to dev or production environments Whether you're building experimental prototypes or deploying agentic systems at scale, this workshop will help you build the guardrails that make agent autonomy practical. Register: https://lnkd.in/gQDFyCwZ

Congrats to Ajeet Singh Raina and Harsh Manvar! 🚀 One of the best parts of this community is seeing how many developers are eager to keep learning and expanding their Docker skills.

What actually makes a container image "hardened"? As supply chain security gets more attention, "hardened" content comes up a lot, in this guide we get into what hardened images and why they matter. A genuinely hardened image does three things, not one: it strips out the packages an application never uses (most container CVEs live in that inherited baggage), it's continuously rebuilt to stay patched, and it ships with verifiable metadata (such as SBOMs, SLSA provenance, VEX, and signatures) so you can always prove what's inside and how it was built. This guide breaks down why minimization alone isn't enough, and how hardened images differ from slim variants, distroless builds, and basic image scanning. Read →

Docker has joined Athena, a cross-industry coalition focused on coordinating the defense of open source vulnerabilities before they can be exploited. No single company has visibility into the entire software supply chain. That's why collaboration across the ecosystem is becoming increasingly important as AI accelerates vulnerability discovery. Here's why we're participating and what it means for developers:

The interesting questions about agents aren't really about the model anymore. They're about execution, permissions, credentials, and what happens when an agent can take action on your behalf. This Elastic Community video gives a clear, practical walkthrough of Docker Sandboxes: how they isolate agent workflows, why that matters for local development, and what the day-to-day experience of working with agents actually looks like. It covers everything from autonomous workflows and credential handling to network controls and the practical developer experience. Watch: https://lnkd.in/eMYXJsDp