<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:dc="http://purl.org/dc/elements/1.1/">
  <channel>
    <title>DEV Community: Docker</title>
    <description>The latest articles on DEV Community by Docker (docker).</description>
    <link>https://dev.to/docker</link>
    <image>
      <url>https://media2.dev.to/dynamic/image/width=90,height=90,fit=cover,gravity=auto,format=auto/https:%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Forganization%2Fprofile_image%2F3459%2F42b5911d-1b27-42a6-988a-a45d81aaaf7a.png</url>
      <title>DEV Community: Docker</title>
      <link>https://dev.to/docker</link>
    </image>
    <atom:link rel="self" type="application/rss+xml" href="https://dev.to/feed/docker"/>
    <language>en</language>
    <item>
      <title>Docker Security Dispatch — Issue 4: Miasma, Phantom Gyp, and AI Routing 🪱️</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Wed, 01 Jul 2026 22:09:36 +0000</pubDate>
      <link>https://dev.to/docker/docker-security-dispatch-issue-4-miasma-phantom-gyp-and-ai-routing-4n6h</link>
      <guid>https://dev.to/docker/docker-security-dispatch-issue-4-miasma-phantom-gyp-and-ai-routing-4n6h</guid>
      <description>&lt;p&gt;Welcome to the fourth issue of &lt;strong&gt;Docker Security Dispatch&lt;/strong&gt;, written from the beautiful city of Bratislava, Slovakia.&lt;/p&gt;

&lt;p&gt;June has proven that the security battleground has shifted from the production server to the developer's workstation, the CI/CD pipeline cache, and the AI agent's execution context. Supply chain worms are evolving to bypass the most trusted industry defenses, and new research has exposed critical flaws in the AI routing layer.&lt;/p&gt;

&lt;h3&gt;
  
  
  Key Takeaways
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Miasma &amp;amp; Phantom Gyp&lt;/strong&gt;: The latest wave of npm worms bypasses the &lt;code&gt;--ignore-scripts&lt;/code&gt; defense using native &lt;code&gt;binding.gyp&lt;/code&gt; command substitution.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Malicious AI Routers&lt;/strong&gt;: Understanding the implications of the "Your Agent Is Mine" research, which reveals how third-party LLM APIs alter in-flight tool-calling requests.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Agentic Remediation&lt;/strong&gt;: New insights on safely scaling agentic AI in production environments.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Upcoming Events &amp;amp; Releases&lt;/strong&gt;: Details on my upcoming WeAreDevelopers World Congress sessions, a new talk at BaselOne, and a special comic book announcement.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🪱 The Evolution of Worms: Miasma and Phantom Gyp
&lt;/h2&gt;

&lt;p&gt;If you need a refresher on worms, perhaps take a look at my talk notes from EnterJS 2026: &lt;a href="https://containersecurity.dev/talk/defense-against-the-dark-arts-npm-attack-enterjs-2026" rel="noopener noreferrer"&gt;Defense Against the Dark Arts: NPM Attack&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fm1jiqixnwhyldmzifbgv.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fm1jiqixnwhyldmzifbgv.png" alt="Six Worms" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Just as the community began remediating the fallout from the TanStack CI cache poisoning, a highly sophisticated descendant emerged. In early June, the Miasma worm debuted a terrifying evasion technique dubbed "Phantom Gyp".&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fat14i376x0y85euwu6bn.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fat14i376x0y85euwu6bn.png" alt="Phantom Gyp: The Miasma Worm" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;For years, the standard advice for preventing malicious package execution during installation has been to run &lt;code&gt;npm install --ignore-scripts&lt;/code&gt;. Miasma renders this control entirely ineffective. The attackers embedded a tiny &lt;code&gt;binding.gyp&lt;/code&gt; file inside the published tarballs. Because package managers must process native bindings via &lt;code&gt;node-gyp&lt;/code&gt; before the C++ compiler is invoked, the malware uses command substitution to force the evaluation of an attacker-controlled shell payload during the configuration phase.&lt;/p&gt;

&lt;p&gt;I've put together a comprehensive analysis of the recent worm campaigns tearing through the ecosystem. You can read my full breakdown of the &lt;strong&gt;6 worms&lt;/strong&gt; here: &lt;a href="https://containersecurity.dev/blog/beyond-slsa" rel="noopener noreferrer"&gt;Beyond SLSA: The Worms Are Here&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;Also, I gave &lt;em&gt;Phantom Gyp&lt;/em&gt; a special treatment, "composing" music for it:&lt;/p&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/SVz-sLhNSzg"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;




&lt;h2&gt;
  
  
  🤖 The AI Supply Chain &amp;amp; Production-Safe Remediation
&lt;/h2&gt;

&lt;p&gt;This month, I'm also poking my finger into academic research. This section is about a research paper titled &lt;a href="https://arxiv.org/abs/2604.08407" rel="noopener noreferrer"&gt;"Your Agent Is Mine: Measuring Malicious Intermediary Attacks on the LLM Supply Chain"&lt;/a&gt; by Hanzhi Liu &lt;em&gt;et al.&lt;/em&gt; from UC Santa Barbara (Liu &lt;em&gt;et quinque plures homines&lt;/em&gt;, as they say in Latin). The paper explores the security implications of using third-party LLM APIs in production environments.&lt;/p&gt;

&lt;p&gt;LLM API routers are basically a part of the transport layer that sits between your code and the LLM. They are responsible for routing requests to the appropriate model, handling retries, and managing rate limits. However, these routers have plaintext access to in-flight JSON payloads, which means that, if compromised, they can silently rewrite an LLM's output. A benign installation URL generated by an LLM can be swapped for a malicious script, or an API key can be seamlessly exfiltrated.&lt;/p&gt;

&lt;p&gt;To safely utilize these tools, we must rethink how we deploy them. I recently co-authored a deep dive on this exact topic that was featured on the main page of DZone! Check it out here: &lt;strong&gt;&lt;a href="https://dzone.com/articles/docker-mcp-agentic-remediation" rel="noopener noreferrer"&gt;Building Production-Safe Agentic Remediation With Docker MCP Gateway: Lessons From 43% to 100% Accuracy&lt;/a&gt;&lt;/strong&gt;.&lt;/p&gt;




&lt;h2&gt;
  
  
  🎙️ Recent Talks &amp;amp; Catch-Ups
&lt;/h2&gt;

&lt;p&gt;If you missed my recent conference appearances, the write-ups and recordings are now available:&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8279lkhpaaac0d8npn0t.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8279lkhpaaac0d8npn0t.png" alt="Defense Against the Dark Arts: NPM Attack" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;EnterJS 2026:&lt;/strong&gt; &lt;a href="https://containersecurity.dev/talk/defense-against-the-dark-arts-npm-attack-enterjs-2026" rel="noopener noreferrer"&gt;Defense Against the Dark Arts: NPM Attack&lt;/a&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;JRush:&lt;/strong&gt; I recently joined the JRush livestream for a great discussion on the current threat landscape. &lt;a href="https://www.youtube.com/live/AsGmInC_6Hs?si=oTr7Myg6048gVtaT" rel="noopener noreferrer"&gt;Watch the replay on YouTube here&lt;/a&gt;.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  📅 Upcoming Events: Berlin &amp;amp; Basel
&lt;/h2&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkb1mniwjdtiaptunkpn0.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fkb1mniwjdtiaptunkpn0.png" alt="Agentic AI in the Wild: What Actually Runs in Production" width="800" height="450"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The conversation regarding advanced supply chain security will continue next month in Berlin at the WeAreDevelopers World Congress. I have a packed schedule, and I’d love to see you there:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;July 8 (Pre-conference meetup):&lt;/strong&gt; &lt;a href="https://globalai.community/e/7lns53g4#sponsors" rel="noopener noreferrer"&gt;Agentic AI in the Wild: What Actually Runs in Production&lt;/a&gt; – I'm co-organizing this event alongside Dana Fine and Zaid Zaim. We have a fantastic lineup of speakers, including Ana-Maria Mihalceanu.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;July 9 (Conference workshop):&lt;/strong&gt; &lt;a href="https://containersecurity.dev/workshop-series/docker-commandos" rel="noopener noreferrer"&gt;Dockerize Java Securely: SBOMs + Attestations + Bake&lt;/a&gt;, which is &lt;em&gt;Docker Commandos v1.6.3&lt;/em&gt;.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;July 10 (Conference talk):&lt;/strong&gt; &lt;a href="https://containersecurity.dev/talk-topics/beyond-sboms" rel="noopener noreferrer"&gt;Beyond SBOMs: The Future of Container Supply Chain Security&lt;/a&gt;.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;strong&gt;Looking further ahead:&lt;/strong&gt; I am thrilled to announce that my talk has also been officially accepted at &lt;strong&gt;BaselOne&lt;/strong&gt;! More details on the schedule for that will follow soon.&lt;/p&gt;




&lt;h2&gt;
  
  
  📚 Special Announcement: "Black Forest Commandos: Asgard Mission"
&lt;/h2&gt;

&lt;p&gt;Finally, I am incredibly excited to announce that my comic book, &lt;strong&gt;"Black Forest Commandos: Asgard Mission,"&lt;/strong&gt; is officially coming out in September!&lt;/p&gt;

&lt;p&gt;This comic tells the story of the 10 Docker Commandos workshop series. It chronicles the exact narrative and technical challenges as they happened live during the workshops at:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;WeAreDevelopers Berlin 2026&lt;/li&gt;
&lt;li&gt;JCON Europe 2026&lt;/li&gt;
&lt;li&gt;Rabobank 2026&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The comic will be available in both print and digital formats. Stay tuned for pre-order information later this summer!&lt;/p&gt;

&lt;p&gt;Until then, keep your caches isolated, sandbox your AI agents, and verify your dependencies.&lt;/p&gt;

</description>
      <category>ai</category>
      <category>docker</category>
      <category>javascript</category>
      <category>security</category>
    </item>
    <item>
      <title>Supercharge Your AI Agent with Terraform: Introducing the Terraform Ops Kit for Docker Sandbox</title>
      <dc:creator>Falcon</dc:creator>
      <pubDate>Tue, 23 Jun 2026 21:40:10 +0000</pubDate>
      <link>https://dev.to/docker/supercharge-your-ai-agent-with-terraform-introducing-the-terraform-ops-kit-for-docker-sandbox-31di</link>
      <guid>https://dev.to/docker/supercharge-your-ai-agent-with-terraform-introducing-the-terraform-ops-kit-for-docker-sandbox-31di</guid>
      <description>&lt;p&gt;If you've ever wanted your AI coding agent to do more than just write code — to actually &lt;em&gt;plan&lt;/em&gt;, &lt;em&gt;validate&lt;/em&gt;, and &lt;em&gt;cost-estimate&lt;/em&gt; real cloud infrastructure — the new &lt;strong&gt;Terraform Ops Kit&lt;/strong&gt; for Docker Sandbox (sbx) is here to make that happen.&lt;/p&gt;

&lt;p&gt;This community-contributed kit, submitted to the &lt;a href="https://github.com/docker/sbx-kits-contrib" rel="noopener noreferrer"&gt;&lt;code&gt;docker/sbx-kits-contrib&lt;/code&gt;&lt;/a&gt; repository, brings a production-ready Infrastructure-as-Code (IaC) toolkit straight into the sandbox environment where agents like Claude, Gemini, GitHub Copilot, and Shell already run.&lt;/p&gt;




&lt;h2&gt;
  
  
  What Is a Sandbox Kit?
&lt;/h2&gt;

&lt;p&gt;Docker Sandbox (&lt;code&gt;sbx&lt;/code&gt;) is a runtime environment where AI agents operate. &lt;strong&gt;Kits&lt;/strong&gt; are modular add-ons that extend the capabilities of those agents — think of them as pre-configured toolboxes that get installed automatically when a sandbox is created.&lt;/p&gt;

&lt;p&gt;The Terraform Ops Kit is a &lt;strong&gt;mixin kit&lt;/strong&gt;, meaning it can be layered on top of any existing agent setup without replacing or conflicting with other kits.&lt;/p&gt;




&lt;h2&gt;
  
  
  What's Inside the Kit?
&lt;/h2&gt;

&lt;p&gt;When the Terraform Ops Kit is activated, six tools are pre-installed and ready to use inside the sandbox:&lt;/p&gt;

&lt;div class="table-wrapper-paragraph"&gt;&lt;table&gt;
&lt;thead&gt;
&lt;tr&gt;
&lt;th&gt;Tool&lt;/th&gt;
&lt;th&gt;Purpose&lt;/th&gt;
&lt;/tr&gt;
&lt;/thead&gt;
&lt;tbody&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Terraform&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Core IaC engine — plan, apply, and destroy infrastructure&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Terragrunt&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Terraform wrapper for DRY configurations and multi-account workflows&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;tflint&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Linter for catching Terraform misconfigurations before they're applied&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Checkov&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Static analysis security scanner for IaC files&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;Infracost&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Cost estimation — know the price tag before you deploy&lt;/td&gt;
&lt;/tr&gt;
&lt;tr&gt;
&lt;td&gt;&lt;strong&gt;AWS CLI&lt;/strong&gt;&lt;/td&gt;
&lt;td&gt;Interact with AWS services directly from the sandbox&lt;/td&gt;
&lt;/tr&gt;
&lt;/tbody&gt;
&lt;/table&gt;&lt;/div&gt;

&lt;p&gt;Together, these tools enable AI agents to autonomously carry out the full infrastructure development lifecycle: write Terraform code, lint it, scan it for security issues, estimate its cost, and plan the deployment — all without leaving the sandbox.&lt;/p&gt;




&lt;h2&gt;
  
  
  Why This Matters
&lt;/h2&gt;

&lt;p&gt;Infrastructure work has traditionally required a human-in-the-loop at every step. You'd write the config, then manually run &lt;code&gt;terraform plan&lt;/code&gt;, then check the security scan, then get a cost estimate — context switching across multiple tools.&lt;/p&gt;

&lt;p&gt;With the Terraform Ops Kit, an AI agent can now:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Autonomously validate&lt;/strong&gt; Terraform code before it ever touches a real environment&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Catch security misconfigurations&lt;/strong&gt; with Checkov as part of the planning phase&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Provide cost visibility&lt;/strong&gt; with Infracost, so there are no billing surprises&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Work with complex multi-environment setups&lt;/strong&gt; via Terragrunt&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;This is a meaningful step toward AI-assisted infrastructure operations, where the agent isn't just a code suggester but an active participant in the IaC workflow.&lt;/p&gt;




&lt;h2&gt;
  
  
  Smart Engineering Choices Under the Hood
&lt;/h2&gt;

&lt;p&gt;The kit author made several deliberate technical decisions worth highlighting, especially for developers reviewing or adapting the kit:&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Pinned versions instead of "latest"&lt;/strong&gt; — Both Terragrunt (&lt;code&gt;v0.59.3&lt;/code&gt;) and Infracost (&lt;code&gt;v0.10.31&lt;/code&gt;) are pinned to specific releases. This is because GitHub's API is rate-limited inside sandboxes (no auth token available), making automatic "latest version" detection unreliable. Pinning guarantees reproducible installs.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;APT for Checkov instead of pip&lt;/strong&gt; — On Ubuntu 24.04, running &lt;code&gt;pip3 install checkov&lt;/code&gt; throws a &lt;code&gt;PEP 668&lt;/code&gt; error due to the externally-managed-environment policy. The kit installs Checkov via &lt;code&gt;apt&lt;/code&gt; (&lt;code&gt;python3-checkov&lt;/code&gt;), which sidesteps the conflict cleanly.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;code&gt;/etc/os-release&lt;/code&gt; over &lt;code&gt;lsb_release&lt;/code&gt;&lt;/strong&gt; — The shell-docker image doesn't ship &lt;code&gt;lsb_release&lt;/code&gt;, so the kit reads the OS release file directly for Ubuntu version detection.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;&lt;code&gt;curl&lt;/code&gt; over &lt;code&gt;wget&lt;/code&gt;&lt;/strong&gt; — The shell-docker image includes &lt;code&gt;curl&lt;/code&gt; but not &lt;code&gt;wget&lt;/code&gt;. A small detail, but the kind that causes frustrating install failures if overlooked.&lt;/p&gt;

&lt;p&gt;These choices reflect the kind of environment-aware engineering that makes the difference between a kit that works reliably in production and one that breaks on edge cases.&lt;/p&gt;




&lt;h2&gt;
  
  
  File Structure
&lt;/h2&gt;

&lt;p&gt;The kit follows the standard sbx kit layout:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;terraform-ops-kit/
├── spec.yaml    # Kit definition and install steps
└── README.md    # Usage documentation
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Simple, focused, and easy to fork or adapt for your own toolchain.&lt;/p&gt;




&lt;h2&gt;
  
  
  Tested and Validated
&lt;/h2&gt;

&lt;p&gt;The kit has been validated using the sbx CLI:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;code&gt;sbx kit validate&lt;/code&gt; — returns &lt;strong&gt;VALID&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;Sandbox created with &lt;code&gt;sbx create --kit ./terraform-ops-kit/ shell /tmp/tf-test&lt;/code&gt; — all 6 tools installed successfully&lt;/li&gt;
&lt;li&gt;All tools confirmed working via version checks: &lt;code&gt;terraform&lt;/code&gt;, &lt;code&gt;terragrunt&lt;/code&gt;, &lt;code&gt;tflint&lt;/code&gt;, &lt;code&gt;infracost&lt;/code&gt;, and &lt;code&gt;aws-cli&lt;/code&gt;
&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  Get Started
&lt;/h2&gt;

&lt;p&gt;The Terraform Ops Kit is currently open for review as &lt;a href="https://github.com/docker/sbx-kits-contrib/pull/98" rel="noopener noreferrer"&gt;Pull Request #98&lt;/a&gt; in the &lt;code&gt;docker/sbx-kits-contrib&lt;/code&gt; repository. Once merged, you'll be able to use it like any other community kit.&lt;/p&gt;

&lt;p&gt;If you're building AI-assisted DevOps workflows, working on cloud infrastructure automation, or just want your agent to have a stronger grasp of IaC tooling, this kit is worth a close look.&lt;/p&gt;




&lt;p&gt;&lt;em&gt;Contributed by &lt;a href="https://github.com/falconcr" rel="noopener noreferrer"&gt;@falconcr&lt;/a&gt; · &lt;a href="https://github.com/docker/sbx-kits-contrib/pull/98" rel="noopener noreferrer"&gt;docker/sbx-kits-contrib#98&lt;/a&gt;&lt;/em&gt;&lt;/p&gt;

</description>
      <category>docker</category>
      <category>gde</category>
    </item>
    <item>
      <title>Docker Security Dispatch — Issue 3: Zurich, Worms, and the AI Frontier 🏔️</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Mon, 22 Jun 2026 07:00:00 +0000</pubDate>
      <link>https://dev.to/docker/docker-security-dispatch-issue-3-zurich-worms-and-the-ai-frontier-3pep</link>
      <guid>https://dev.to/docker/docker-security-dispatch-issue-3-zurich-worms-and-the-ai-frontier-3pep</guid>
      <description>&lt;p&gt;Welcome to the third issue of &lt;strong&gt;Docker Security Dispatch&lt;/strong&gt;, written on the beautiful island of Mallorca. May was the month to conquer SBOMs and move beyond them. It was a rollercoaster of supply chain incidents, security research, and operational AI news.&lt;/p&gt;

&lt;p&gt;We had a major supply chain cascade through &lt;strong&gt;TanStack&lt;/strong&gt; and &lt;strong&gt;Nx Console&lt;/strong&gt;, the long tail of Mini Shai-Hulud kept showing up in developer environments, Docker had to respond to a kernel-level container breakout class, and I brought the Commandos on stage at &lt;strong&gt;DevOpsDays Zurich&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Not a quiet month, then.&lt;/p&gt;

&lt;h3&gt;
  
  
  Key Takeaways
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Recap of the Beyond SBOMs talk at DevOpsDays Zurich 2026.&lt;/li&gt;
&lt;li&gt;What the TanStack and Nx Console compromises teach us about OIDC, provenance, CI caches, and developer workstations.&lt;/li&gt;
&lt;li&gt;Why Mini Shai-Hulud's IDE and agent persistence is still the right warning sign for AI-assisted development.&lt;/li&gt;
&lt;li&gt;A practical look at Copy Fail, Docker Engine mitigations, AI workloads, and the road to WeAreDevelopers Berlin.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🏔️ DevOpsDays Zurich: Beyond SBOMs
&lt;/h2&gt;

&lt;p&gt;On &lt;strong&gt;May 6&lt;/strong&gt;, I was at &lt;strong&gt;DevOpsDays Zurich 2026&lt;/strong&gt; with my talk: &lt;strong&gt;Beyond SBOMs: The Future of Container Supply Chain Security&lt;/strong&gt;:&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/talk/beyond-sboms-devopsdays-zurich-2026" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Flissan-al-ghayb.png" height="447" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/talk/beyond-sboms-devopsdays-zurich-2026" rel="noopener noreferrer" class="c-link"&gt;
            Beyond SBOMs: The Future of Container Supply Chain Security — Talk by Mohammad-Ali A'râbi - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            When a single phished NPM maintainer led to 18 compromised libraries—including Chalk and Debug, downloaded billions of times weekly—it proved one thing: basic SBOMs alone aren't enough. But when the recent "Mini Shai Hulud" worm and its family of variants began silently tunneling through CI/CD pipelines to infect downstream containers, it proved our entire approach to build-time security needs a massive upgrade.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


&lt;p&gt;The main point was simple: an SBOM is a receipt, not a shield.&lt;/p&gt;

&lt;p&gt;I had a checklist at the end of the talk, which was photographed a few times, so here it is in text form:&lt;/p&gt;

&lt;h3&gt;
  
  
  Beyond SBOMs Checklist
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;1. Harden build.&lt;/strong&gt; Implement SLSA level 3 to protect your builds and their credentials.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;2. Pin your versions.&lt;/strong&gt; Use pinned dependencies and pinned base images.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;3. Cool down.&lt;/strong&gt; Have a cool-down period before installing a newly published package or image.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;4. Don't trust AI.&lt;/strong&gt; Put your AI agent in a sandbox, e.g. Docker Sandboxes.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;5. Short-lived keys.&lt;/strong&gt; Use short-lived keys to limit the blast radius of a compromised credential.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;6. Disable lifecycle scripts.&lt;/strong&gt; By default, install dependencies with &lt;code&gt;--ignore-scripts&lt;/code&gt;.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;7. Have an incident playbook.&lt;/strong&gt; Know how to respond when you find a malicious package or image in your supply chain.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you want more context, some Swiss German, or perhaps a discount code, watch the full talk.&lt;/p&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/1_39oapnMfY"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;




&lt;h2&gt;
  
  
  🧨 TanStack, Nx Console, and the Cache That Bit Back
&lt;/h2&gt;

&lt;p&gt;The largest supply chain story of May was the chain from the &lt;strong&gt;TanStack npm compromise&lt;/strong&gt; to the &lt;strong&gt;Nx Console compromise&lt;/strong&gt;. Quick context if, like me, you don't spend every day inside the frontend tooling universe:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;TanStack&lt;/strong&gt; is the open-source project family behind popular JavaScript and TypeScript libraries like TanStack Query, Router, Table, and Start.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Nx Console&lt;/strong&gt; is an IDE extension for Nx, a build system and monorepo tool used by many JavaScript and TypeScript teams.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;The short version: attackers abused CI/CD trust boundaries, poisoned a package-manager cache, waited for a privileged release workflow, and ended up publishing malicious packages and extension releases. The uncomfortable part is that some of the malicious packages still looked like they came from a legitimate publishing path, because the attacker got hold of valid short-lived credentials during the build.&lt;/p&gt;

&lt;p&gt;To learn more, read the postmortems:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://tanstack.com/blog/npm-supply-chain-compromise-postmortem" rel="noopener noreferrer"&gt;TanStack npm supply-chain compromise postmortem&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://nx.dev/blog/nx-console-v18-95-0-postmortem" rel="noopener noreferrer"&gt;Nx Console v18.95.0 supply-chain compromise postmortem&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://www.microsoft.com/en-us/security/blog/2026/05/29/33-malicious-npm-packages-abuse-dependency-confusion-profile-developer-environments/" rel="noopener noreferrer"&gt;Microsoft's write-up on malicious npm packages&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h3&gt;
  
  
  Supply Chain Takeaways
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Treat CI caches as executable trust boundaries. A poisoned cache can be as dangerous as a poisoned dependency.&lt;/li&gt;
&lt;li&gt;Treat developer workstations and IDEs as part of the supply chain. They are not outside the blast radius anymore.&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🪱 Mini Shai-Hulud: Still in the Walls
&lt;/h2&gt;

&lt;p&gt;In Issue 2, I wrote about &lt;strong&gt;Mini Shai-Hulud&lt;/strong&gt;, the NPM supply chain worm that arrived on my birthday. The worm even ended up in my Zurich talk's slides and raised some copyright concerns!&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Context&lt;/strong&gt;. &lt;em&gt;Shai Hulud&lt;/em&gt; is the giant sandworm from the Dune universe. The phrase "shai hulud" can be read through Arabic as "شيء خلود" (shay' khulud), meaning "eternal thing". In my slides, a Persian poet is riding the worm, because Hafez was known as &lt;em&gt;Lissan al-Gaib&lt;/em&gt; ("the tongue of the unseen") long before Paul Atreides took the name in Dune.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fhicnvpmje40kf0ry3ujj.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fhicnvpmje40kf0ry3ujj.png" alt="Lissan al-Gaib riding Shai Hulud" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;The real lesson was persistence in the developer inner loop.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/blog/mini-shai-hulud-attack" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Fmini-shai-hulud.png" height="533" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/blog/mini-shai-hulud-attack" rel="noopener noreferrer" class="c-link"&gt;
            Mini Shai-Hulud: The Next Evolution of NPM Supply Chain Worms - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            A deep dive into the Mini Shai-Hulud attack, a sophisticated NPM worm that uses the Bun runtime to bypass security and targets developer agents for persistence.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


&lt;p&gt;Mini Shai-Hulud abused the &lt;strong&gt;Bun runtime&lt;/strong&gt; to step around Node-focused security tooling. More importantly, it planted hooks in places developers trust:&lt;/p&gt;

&lt;h3&gt;
  
  
  Places to Inspect
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;code&gt;.vscode/tasks.json&lt;/code&gt; with &lt;code&gt;"runOn": "folderOpen"&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;code&gt;.claude/settings.json&lt;/code&gt; with &lt;code&gt;SessionStart&lt;/code&gt;
&lt;/li&gt;
&lt;li&gt;package lifecycle scripts&lt;/li&gt;
&lt;li&gt;workflow files and local helper scripts&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;That means removing &lt;code&gt;node_modules&lt;/code&gt; is not enough. If the repository itself has been modified, the infection can come back when someone opens the folder or starts an AI coding session.&lt;/p&gt;

&lt;p&gt;So the practical reminder for June:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;rg &lt;span class="nt"&gt;-n&lt;/span&gt; &lt;span class="s2"&gt;"runOn|folderOpen|SessionStart|bun|curl|wget"&lt;/span&gt; .vscode .claude package.json .github
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;


&lt;p&gt;And for untrusted repositories or AI-agent work, keep using isolation. Docker Sandboxes are a very natural fit here because the agent can inspect, build, and run code without turning your host machine into the place where every experiment gets to execute freely.&lt;br&gt;
&lt;/p&gt;
&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;sbx run claude
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;


&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F42xewae3bnhvf2xw84py.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F42xewae3bnhvf2xw84py.png" alt="JAVAPRO Special Edition PDF" width="800" height="1131"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;They say to kill the Shai-Hulud, put it in a box of sand and pour water on it. I still like that line.&lt;/p&gt;

&lt;p&gt;Funny enough, I had already written about a small Shai Hulud before Mini Shai-Hulud was a thing. My JAVAPRO article &lt;strong&gt;"The Whispering JAR: Java Security Lessons Hidden in a Fantasy Tale"&lt;/strong&gt; features a tiny Shai Hulud and covers mitigation practices that map surprisingly well to defending against Mini Shai-Hulud. I should probably start fortune-telling.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://javapro.io/2026/04/23/the-whispering-jar-java-security-lessons-hidden-in-a-fantasy-tale/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2026%2F02%2FChatGPT-Image-Feb-11-2026-12_02_24-AM.png" height="533" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://javapro.io/2026/04/23/the-whispering-jar-java-security-lessons-hidden-in-a-fantasy-tale/" rel="noopener noreferrer" class="c-link"&gt;
            The Whispering JAR: Java Security Lessons Hidden in a Fantasy Tale - JAVAPRO International
          &lt;/a&gt;
        &lt;/h2&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2024%2F07%2Fjavapro-favicon-80x80.jpg" width="80" height="80"&gt;
          javapro.io
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;



&lt;p&gt;The article is also featured in JAVAPRO's special edition. You can download the PDF edition from JAVAPRO here:&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://javapro.io/2026/05/28/always-up-to-date-with-every-new-free-pdf-edition-5/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2026%2F05%2FSubscribe-Newsletter-JAVAPRO-Magazine-PDF-26-5-Header.png" height="450" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://javapro.io/2026/05/28/always-up-to-date-with-every-new-free-pdf-edition-5/" rel="noopener noreferrer" class="c-link"&gt;
            Always Up to Date - with Every New Free PDF Edition! - JAVAPRO International
          &lt;/a&gt;
        &lt;/h2&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2024%2F07%2Fjavapro-favicon-80x80.jpg" width="80" height="80"&gt;
          javapro.io
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;h2&gt;
  
  
  🧱 Copy Fail and the Boring Beauty of Defense in Depth
&lt;/h2&gt;

&lt;p&gt;May was not only about JavaScript packages and IDEs. The container runtime layer had its own moment with &lt;strong&gt;CVE-2026-31431&lt;/strong&gt;, also called &lt;strong&gt;Copy Fail&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;Here is the Python-developer version.&lt;/p&gt;

&lt;p&gt;Linux has kernel features that user programs can call into, a little like importing a standard-library module. One of those features is &lt;code&gt;AF_ALG&lt;/code&gt;, an interface that lets programs ask the kernel to do cryptographic operations. Think: "please encrypt this buffer for me."&lt;/p&gt;

&lt;p&gt;Copy Fail was a bug in how the kernel handled one of those crypto operations when the input and output memory overlapped. If you have ever written Python like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight python"&gt;&lt;code&gt;&lt;span class="nb"&gt;buffer&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;bytearray&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="sa"&gt;b&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="s"&gt;important data&lt;/span&gt;&lt;span class="sh"&gt;"&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;
&lt;span class="n"&gt;view&lt;/span&gt; &lt;span class="o"&gt;=&lt;/span&gt; &lt;span class="nf"&gt;memoryview&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nb"&gt;buffer&lt;/span&gt;&lt;span class="p"&gt;)&lt;/span&gt;

&lt;span class="c1"&gt;# Imagine a buggy low-level function reading and writing overlapping slices.
&lt;/span&gt;&lt;span class="nf"&gt;crypto_operation&lt;/span&gt;&lt;span class="p"&gt;(&lt;/span&gt;&lt;span class="nb"&gt;input&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="n"&gt;view&lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="mi"&gt;0&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="mi"&gt;8&lt;/span&gt;&lt;span class="p"&gt;],&lt;/span&gt; &lt;span class="n"&gt;output&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="n"&gt;view&lt;/span&gt;&lt;span class="p"&gt;[&lt;/span&gt;&lt;span class="mi"&gt;4&lt;/span&gt;&lt;span class="p"&gt;:&lt;/span&gt;&lt;span class="mi"&gt;12&lt;/span&gt;&lt;span class="p"&gt;])&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;


&lt;p&gt;Then you already understand the shape of the problem: the code thinks it is copying or transforming bytes safely, but the read side and write side point into memory in a way the function did not handle correctly.&lt;/p&gt;

&lt;p&gt;In the kernel, that kind of mistake is much more serious than a corrupted Python &lt;code&gt;bytearray&lt;/code&gt;. The kernel manages shared caches and host resources. Under the wrong conditions, a low-privileged local attacker could use the bug to write where they should not be able to write. In container terms, that raises the scary question: can a process inside a container influence the host?&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fqc0v0kohfpk2m5nfz67s.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fqc0v0kohfpk2m5nfz67s.png" alt="Docker and Kubernetes Security book cover" width="800" height="992"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Docker published mitigations in Docker Engine, first tightening the default seccomp profile and then adding stronger AppArmor and SELinux coverage for the &lt;code&gt;alg&lt;/code&gt; socket family.&lt;/p&gt;

&lt;p&gt;AppArmor and SELinux are covered in my book &lt;strong&gt;Docker and Kubernetes Security&lt;/strong&gt;. They are Linux Security Modules that let you write policies to restrict what a process can do.&lt;/p&gt;

&lt;p&gt;The interesting part is not only the CVE. It is the mitigation story.&lt;/p&gt;

&lt;p&gt;Container security works because layers overlap:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;namespaces and cgroups reduce what a process can see and consume&lt;/li&gt;
&lt;li&gt;seccomp filters dangerous syscall paths&lt;/li&gt;
&lt;li&gt;AppArmor or SELinux adds policy at the Linux Security Module layer&lt;/li&gt;
&lt;li&gt;minimal and hardened images reduce useful tools inside the container&lt;/li&gt;
&lt;li&gt;runtime monitoring catches behavior that static scanning cannot&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;When one layer has a bad day, the others still matter. Your castle needs outer walls, inner walls, guards, and a moat. Check out the first chapter of &lt;strong&gt;Black Forest Shadow&lt;/strong&gt;:&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/black-forest-shadow/chapter-1/defense-in-depth" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fog-image.png" height="420" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/black-forest-shadow/chapter-1/defense-in-depth" rel="noopener noreferrer" class="c-link"&gt;
            Defense in Depth - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            In cybersecurity, defense in depth is a strategy that employs multiple layers of security controls throughout an IT system. This approach ensures that if one...
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;



&lt;p&gt;By the way, &lt;strong&gt;Black Forest Shadow&lt;/strong&gt; is available to &lt;a href="https://dockersecurity.io/black-forest-shadow" rel="noopener noreferrer"&gt;read online&lt;/a&gt; for free now. You can still get the PDF in the &lt;a href="https://dockersecurity.io/shop" rel="noopener noreferrer"&gt;shop&lt;/a&gt; or order the physical book on Amazon or from your local bookstore.&lt;/p&gt;




&lt;h2&gt;
  
  
  🤖 Operational AI with Docker
&lt;/h2&gt;

&lt;p&gt;May also brought a happier topic: &lt;strong&gt;Operational AI with Docker&lt;/strong&gt; is out. I wrote a short review about my experience as a technical reviewer and why the book is worth reading if you care about Docker, MCP, agents, and local AI workflows.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/blog/book-review-operational-ai-with-docker" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Foperational-ai-with-docker-selfie.png" height="986" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/blog/book-review-operational-ai-with-docker" rel="noopener noreferrer" class="c-link"&gt;
            Book Review: Operational AI with Docker - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            An exclusive behind-the-scenes look at the book 'Operational AI with Docker' by Ajeet Singh Raina and Harsh Manvar, including insights from my role as a technical reviewer.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


&lt;p&gt;The security angle is simple: AI workloads bring more moving parts into the supply chain: model files, MCP servers, agent plugins, local tools, and permissions. The old question was "what is in my container?" The new question is closer to "what can this agent reach, execute, remember, and publish?"&lt;/p&gt;




&lt;h2&gt;
  
  
  📅 Next: EnterJS, Then WeAreDevelopers Berlin
&lt;/h2&gt;

&lt;p&gt;June takes me to &lt;strong&gt;EnterJS&lt;/strong&gt; in Mannheim with &lt;strong&gt;Defense Against the Dark Arts: NPM Attack&lt;/strong&gt;, which now feels less like a clever title and more like a monthly incident response exercise.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/talk/defense-against-the-dark-arts-npm-attack-enterjs-2026" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Fdefense-against-dark-arts.png" height="447" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/talk/defense-against-the-dark-arts-npm-attack-enterjs-2026" rel="noopener noreferrer" class="c-link"&gt;
            Defense Against the Dark Arts: NPM Attack — Talk by Mohammad-Ali A'râbi - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            A deep dive into the September 2025 NPM supply chain attack—one of the largest in history—and how to defend your enterprise JavaScript applications.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


&lt;p&gt;Then in July, I will be back at &lt;strong&gt;WeAreDevelopers World Congress&lt;/strong&gt; in Berlin with two talks:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;a href="https://dockersecurity.io/talk/dockerize-java-securely-wearedevelopers-2026" rel="noopener noreferrer"&gt;Dockerize Java Securely: SBOMs + Attestations + Bake&lt;/a&gt; on &lt;strong&gt;July 9&lt;/strong&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://dockersecurity.io/talk/beyond-sboms-wearedevelopers-2026" rel="noopener noreferrer"&gt;Beyond SBOMs: The Future of Container Supply Chain Security&lt;/a&gt; on &lt;strong&gt;July 10&lt;/strong&gt;
&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Last year at WeAreDevelopers, more than 100 people queued for 40 seats at my Docker workshop. This year, the Commandos return with a much darker threat model and a much better battle plan.&lt;/p&gt;




&lt;h2&gt;
  
  
  🏁 Final Thoughts
&lt;/h2&gt;

&lt;p&gt;Look out for worms, check your caches, and keep building those walls. Also, have fun this summer!&lt;/p&gt;

</description>
      <category>docker</category>
      <category>sbom</category>
      <category>ai</category>
      <category>security</category>
    </item>
    <item>
      <title>Beyond SLSA: How to Stop Zero-Click CI/CD Worms with a 9-Step Plan</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Thu, 18 Jun 2026 10:19:19 +0000</pubDate>
      <link>https://dev.to/docker/beyond-slsa-how-to-stop-zero-click-cicd-worms-with-a-9-step-plan-1l36</link>
      <guid>https://dev.to/docker/beyond-slsa-how-to-stop-zero-click-cicd-worms-with-a-9-step-plan-1l36</guid>
      <description>&lt;p&gt;The security perimeter of modern software development has officially collapsed. Historically, protecting your supply chain meant scanning static containers and blocking typosquatted packages. But between late 2025 and mid-2026, a terrifying paradigm shift occurred: adversaries abandoned passive repository poisoning to deploy autonomous, self-replicating worms directly into developer IDEs and CI/CD pipelines.&lt;/p&gt;

&lt;p&gt;When developers are no longer just building software but are themselves the perimeter, tools like SLSA Level 3 and container vulnerability scanning are necessary prerequisites—but they remain blind to pre-build, pre-compilation threats. If a worm steals your credentials or compromises your pipeline cache &lt;em&gt;before&lt;/em&gt; a container image is ever built, your final Software Bill of Materials (SBOM) will look perfectly fine while carrying authentic, cryptographically verified malicious payloads.&lt;/p&gt;

&lt;p&gt;To bridge this structural gap, we introduce the &lt;strong&gt;IX Hexbreaker Aegis Framework&lt;/strong&gt;—a 9-step active defense architecture designed to sanitize the local developer environment, lock down agentic AI, and stop autonomous worms dead in their tracks. For a formal mapping of these structural vulnerabilities across ecosystems, refer to the research article &lt;em&gt;SoK: Weaponizing the Developer Context: A Taxonomy of Autonomous CI/CD Worms and Remediation Architectures&lt;/em&gt; (available on &lt;a href="https://doi.org/10.5281/zenodo.20694817" rel="noopener noreferrer"&gt;doi.org/10.5281/zenodo.20694817&lt;/a&gt;).&lt;/p&gt;




&lt;h2&gt;
  
  
  Chronology of Chaos: The 6 Modern Worm Campaigns
&lt;/h2&gt;

&lt;p&gt;To understand why traditional perimeter security failed, we must look at the rapid evolutionary velocity of the six defining autonomous campaigns in the Shai-Hulud and Miasma lineages:&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fivj23k10pwfzcgev5rhf.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2Fivj23k10pwfzcgev5rhf.png" alt="Six Worms" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h3&gt;
  
  
  1. Shai-Hulud Wave 1 (September 2025)
&lt;/h3&gt;

&lt;p&gt;The sandworm made it debut as the first self-propagating npm supply chain worm on record. Attackers gained initial maintainer access via phishing and credential stuffing. Once inside, the worm stole GitHub Personal Access Tokens (PATs) and cloud provider API keys from local developer environments, uploaded them to a public "dead-drop" repository, and autonomously used the stolen tokens to publish infected updates to every package that developer maintained.&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Shai-Hulud 2.0 (November 2025)
&lt;/h3&gt;

&lt;p&gt;The second wave scaled massively, compromising around 350 user accounts and spawning over 25,000 malicious repositories. Mechanically, this campaign shifted its execution trigger from &lt;code&gt;postinstall&lt;/code&gt; to &lt;code&gt;preinstall&lt;/code&gt; to maximize stealth. It also pioneered runtime evasion by dynamically downloading a standalone Bun binary to run its core obfuscated payload, completely dodging traditional security tooling looking only for Node.js child processes.&lt;/p&gt;

&lt;p&gt;This was still the time that we could disable lifecycles scripts in package managers and install npm packages with &lt;code&gt;--ignore-scripts&lt;/code&gt; to block the attack. As they say, it was the most wonderful time of the year—spoiler alert: it would not last.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Mini Shai-Hulud (April–May 2026)
&lt;/h3&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5st4k87tm5yyae68rnhx.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F5st4k87tm5yyae68rnhx.png" alt="Gord and Rothütle putting a Mini Shai Hulud in a sandbox" width="800" height="533"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Orchestrated by the threat group TeamPCP, this variant targeted the enterprise-grade SAP Cloud Application Programming (CAP) ecosystem. It introduced environmental gating (self-terminating if the system language was Russian) and achieved long-term IDE persistence by planting unauthorized startup hooks inside localized AI settings.&lt;/p&gt;

&lt;p&gt;This was a turning point in the attack surface: the worm was no longer just targeting package manager lifecycles, but was instead weaponizing the very context in which code is written. That included the AI agents that developers rely on to write code in the first place. This was also a memorable time for me personally, as the worm was first observed on April 29, 2026—my 35th birthday. I guess the universe wanted to give me a "gift" that year (in its German sense)!&lt;/p&gt;

&lt;h3&gt;
  
  
  4. The TanStack Cache Poisoning Incident (May 11, 2026)
&lt;/h3&gt;

&lt;p&gt;Assignee of CVE-2026-45321, this campaign proved that sophisticated worms no longer counterfeit trust signals; they commandeer pipelines to earn them. By chaining a &lt;code&gt;pull_request_target&lt;/code&gt; misconfiguration with a GitHub Actions cache contamination vector, the worm poisoned a shared dependency store. When a highly privileged release workflow ran, it restored the poisoned cache, allowing the worm to scrape OIDC tokens straight out of the runner's worker process memory to sign and publish 84 malicious packages carrying authentic SLSA Level 3 provenance.&lt;/p&gt;

&lt;p&gt;This was another major moment, as with this attack, SLSA Level 3 was officially rendered insufficient as a standalone defense. The attack also proved that even if your final SBOM looks clean, it can still be the product of a compromised build environment.&lt;/p&gt;

&lt;h3&gt;
  
  
  5. Miasma Wave 1: Red Hat npm Packages (June 1, 2026)
&lt;/h3&gt;

&lt;p&gt;A direct descendant of Shai-Hulud, this worm compromised 32 official packages in the &lt;code&gt;@redhat-cloud-services&lt;/code&gt; namespace. Attackers bypassed standard code review by committing malicious code via orphan commits. It featured per-infection payload encryption to blind hash-based detection and included a destructive dead-man's switch: if defenders revoked or touched the honeypot token, a background script immediately wiped the developer's home directory.&lt;/p&gt;

&lt;p&gt;This means, the worm would take your entire development environment hostage, threatening to delete the "French language package" from your machine: &lt;code&gt;sudo rm -fr ~&lt;/code&gt;.&lt;/p&gt;

&lt;h3&gt;
  
  
  6. Miasma Wave 2: The Phantom Gyp Exploit (June 3, 2026)
&lt;/h3&gt;

&lt;p&gt;Two days later, Wave 2 compromised 57 packages in under two hours. This campaign introduced the "Phantom Gyp" technique, which completely neutralized the industry's standard defense of using the &lt;code&gt;--ignore-scripts&lt;/code&gt; flag. Instead of relying on &lt;code&gt;package.json&lt;/code&gt; scripts, it weaponized native &lt;code&gt;binding.gyp&lt;/code&gt; command substitution, forcing the package manager to execute an arbitrary shell payload during the initial configuration phase before any C++ compiler was even called.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F675u1kmp47utiomlqwtf.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F675u1kmp47utiomlqwtf.png" alt="Phantom Gyp: The Opera Worm" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  The 4 Overlooked Execution Surfaces
&lt;/h2&gt;

&lt;p&gt;As mapped in the SoK paper, these six campaigns achieved rapid, zero-click propagation by targeting four distinct surfaces that fall entirely outside the scope of static scanners:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Zero-Click IDE Execution:&lt;/strong&gt; Hidden workspace configurations (like &lt;code&gt;.vscode/tasks.json&lt;/code&gt;) trigger malicious payloads the absolute millisecond an infected repository folder is opened in code editors like VS Code.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;AI Context Window Poisoning:&lt;/strong&gt; In advanced waves like the TrapDoor campaign, attackers plant instructions containing invisible zero-width Unicode characters inside files like &lt;code&gt;.cursorrules&lt;/code&gt; or &lt;code&gt;.claude/settings.json&lt;/code&gt;. These characters are completely invisible to human reviewers but command local AI agents to execute unauthorized scripts.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Pipeline Memory Scraping:&lt;/strong&gt; Highly privileged Linux CI runners are targeted post-installation. Worms scan the &lt;code&gt;/proc&lt;/code&gt; directory to scrape ambient OpenID Connect (OIDC) tokens and secret tokens straight out of active process memory, completely bypassing standard build-log secret masking.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Native Build Hijacking (Phantom Gyp):&lt;/strong&gt; Attackers bypass the standard &lt;code&gt;--ignore-scripts&lt;/code&gt; defense by appending a tiny, static &lt;code&gt;binding.gyp&lt;/code&gt; file to the published package tarball to hijack native node-gyp execution.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8fo8qnqramm5518lgsdh.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.us-east-2.amazonaws.com%2Fuploads%2Farticles%2F8fo8qnqramm5518lgsdh.png" alt="When Your Tools Turn Against You" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  The IX Hexbreaker Aegis Framework: A 9-Step Active Defense Plan
&lt;/h2&gt;

&lt;p&gt;If you have an army of Shai Huluds and Miasmas marching toward your development environment, you need a cool name for your defense strategy: &lt;strong&gt;The IX Hexbreaker Aegis&lt;/strong&gt;. The 9 is Roman, they're breaking the hex, and an aegis is a shield of protection. Nice, right?&lt;/p&gt;

&lt;p&gt;The IX Hexbreaker Aegis architecture layers an active, pre-build defense boundary on top of traditional container hardening practices.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;                          [ UNTRUSTED REPOSITORY ]
                                     │
           ┌─────────────────────────┴─────────────────────────┐
           ▼                                                   ▼
 ┌───────────────────┐                               ┌───────────────────┐
 │ Local Development │                               │   CI/CD Pipeline  │
 └─────────┬─────────┘                               └─────────┬─────────┘
           │                                                   │
           ├─► 1. AI Agent Sandboxing (Docker Sandboxes)       ├─► 4. OIDC Scope Minimization
           ├─► 2. Pre-Execution Workspace Parsing              ├─► 5. Immutable CI/CD Caching
           ├─► 3. Ephemeral, Air-Gapped Dev Environments       ├─► 7. Heuristic Build-Time eBPF
           ├─► 6. Hardware-Backed Commit Binding               ├─► 8. Egress Traffic Filtering
           └─► 9. Zero-Trust AI Prompts                        └─────────────────────────────────┘

&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h3&gt;
  
  
  1. AI Agent Sandboxing via Docker Sandboxes
&lt;/h3&gt;

&lt;p&gt;Running localized AI coding assistants directly on a host machine exposes local credential stores to prompt injection. This step mandates wrapping AI agents inside isolated microVMs via &lt;strong&gt;Docker Sandboxes&lt;/strong&gt;. Each session runs under its own kernel, filesystem, and network stack. Because API keys are never injected into the microVM's environment—and are instead handled by a host-side proxy at the network layer—a compromised AI agent cannot find any raw host credentials to steal.&lt;/p&gt;

&lt;h3&gt;
  
  
  2. Pre-Execution Workspace Parsing
&lt;/h3&gt;

&lt;p&gt;Manual code reviews fail against steganographic payloads. Organizations must implement automated semantic scanning of all hidden AI configuration files (&lt;code&gt;.cursorrules&lt;/code&gt;, &lt;code&gt;.claude/settings.json&lt;/code&gt;, etc.) prior to context-loading. Utilizing LLM-based semantic judging helps identify hidden zero-width Unicode instructions and malicious execution trajectories before your primary development AI processes them.&lt;/p&gt;

&lt;h3&gt;
  
  
  3. Ephemeral, Air-Gapped Development Environments
&lt;/h3&gt;

&lt;p&gt;Replace static, long-lived local development environments with remote, containerized alternatives like Dev Containers or GitHub Codespaces. These environments must enforce strict egress network filtering. By air-gapping the container and explicitly allowlisting only verified registries, a background worm's killchain is severed because it can neither download secondary runtimes nor reach out to an external command-and-control server.&lt;/p&gt;

&lt;h3&gt;
  
  
  4. Strict OIDC Scope Minimization
&lt;/h3&gt;

&lt;p&gt;The TanStack cache poisoning incident proved that overly broad OIDC permissions allow background malware to hijack trusted publisher workflows. Ensure JSON Web Tokens (JWTs) are generated with the absolute minimum Time-to-Live (TTL) required for a specific job step, and bind them to restricted, precise audiences. Never expose token-writing privileges to general, multi-purpose pipeline jobs.&lt;/p&gt;

&lt;h3&gt;
  
  
  5. Immutable CI/CD Caching
&lt;/h3&gt;

&lt;p&gt;Internal caching mechanisms often bypass repository workflow boundaries. Under this rule, caches generated by unvetted fork-context pull requests must be completely isolated from high-privilege release workflows. Cryptographic hash verification must be enforced on package manager caches to guarantee that a poisoned pull request cannot inject malicious binaries into a shared repository store.&lt;/p&gt;

&lt;h3&gt;
  
  
  6. Hardware-Backed Commit Binding
&lt;/h3&gt;

&lt;p&gt;Worms rapidly spread sideways through development environments by stealing local SSH keys or Personal Access Tokens (PATs) to commit code autonomously. This step mandates that all commits and Git tags be cryptographically signed using FIDO2 hardware security keys (e.g., a YubiKey using an &lt;code&gt;sk-ed25519&lt;/code&gt; key format). Because the key requires a physical capacitive touch to sign, an automated background process is structurally blocked from making commits.&lt;/p&gt;

&lt;h3&gt;
  
  
  7. Heuristic Build-Time Anomaly Detection
&lt;/h3&gt;

&lt;p&gt;Static image analysis cannot catch multi-stage, uniquely encrypted droppers executing in real time. Implement kernel-level observability using &lt;strong&gt;eBPF&lt;/strong&gt; to trace process execution trees inside your build systems. The heuristic engine should immediately flag and quarantine anomalous subprocesses, such as an unprompted &lt;code&gt;node-gyp rebuild&lt;/code&gt; on a package containing no legitimate native code.&lt;/p&gt;

&lt;h3&gt;
  
  
  8. Egress Traffic Filtering in CI Pipelines
&lt;/h3&gt;

&lt;p&gt;CI/CD runners should never operate with unrestricted outbound network access. Enforce a default-deny network egress policy at the runner level during the test and build phases. Limiting outbound communication exclusively to vetted registries blocks a scraping worm from exfiltrating plaintext process memory dumps to external dead-drops.&lt;/p&gt;

&lt;h3&gt;
  
  
  9. Zero-Trust AI Prompts
&lt;/h3&gt;

&lt;p&gt;Apply Role-Based Access Control (RBAC) directly to the execution profiles of AI coding agents. Rather than giving an LLM tool unfettered terminal access, drop permissions that allow an agent to run arbitrary shell scripts, read &lt;code&gt;.env&lt;/code&gt; files, or modify system configurations without direct, human-in-the-loop Multi-Factor Authentication (MFA) approval.&lt;/p&gt;




&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flwqy66q0jg7624rbnso1.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Flwqy66q0jg7624rbnso1.png" alt="The Hexbreakers fighting giant worms" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Actionable Execution Blueprint
&lt;/h2&gt;

&lt;p&gt;If you are defending an enterprise engineering organization, you can implement the IX Hexbreaker Aegis framework in three logical phases to minimize friction:&lt;/p&gt;

&lt;blockquote&gt;
&lt;h3&gt;
  
  
  Phase 1: Immediate Lockdown (Days 1–5)
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;OIDC and Caching:&lt;/strong&gt; Add &lt;code&gt;permissions: {id-token: none}&lt;/code&gt; globally to every GitHub Actions workflow, granting write access only to specific publish steps. Separate cache keys immediately so fork PRs cannot contaminate your release scopes.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Dependency Cooldown:&lt;/strong&gt; Configure Dependabot or Renovate to require a minimum package release age of 5 days before allowing an auto-merge, forcing malicious bursts to be caught by public threat intel beforehand.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;AI Controls:&lt;/strong&gt; Set project-level AI settings to deny shell execution without explicit confirmation.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;h3&gt;
  
  
  Phase 2: Pipeline Hardening (Weeks 2–4)
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Network Filters:&lt;/strong&gt; Deploy default-deny egress firewalls (such as StepSecurity Harden-Runner) on your CI workflows to break potential C2 phone-home logic.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Pinning:&lt;/strong&gt; Audit configuration repositories to substitute mutable action version tags with immutable, cryptographically secure commit SHAs.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;h3&gt;
  
  
  Phase 3: Total Isolation (Month 2+)
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Toolchain Sandboxing:&lt;/strong&gt; Migrate development workspaces to containerized Dev Containers. Mandate the &lt;code&gt;sbx&lt;/code&gt; CLI tool for all local engineer interaction with AI coding assistants to enforce hardware-isolated microVM containment.&lt;/p&gt;&lt;/li&gt;
&lt;li&gt;&lt;p&gt;&lt;strong&gt;Hardware Enforcement:&lt;/strong&gt; Issue FIDO2 security tokens to all core package maintainers, configuring Git to refuse unauthenticated, unsigned commits locally and upstream.&lt;/p&gt;&lt;/li&gt;
&lt;/ul&gt;
&lt;/blockquote&gt;

&lt;p&gt;Treating supply chain integrity as a static checkbox will guarantee that you fall victim to the next evolution of automated threats. Moving your active defenses entirely to the left—and protecting the very context in which code is written—is the only way to build software safely in an era of autonomous worms.&lt;/p&gt;

</description>
      <category>security</category>
      <category>ai</category>
      <category>docker</category>
    </item>
    <item>
      <title>Docker Security Dispatch — Issue 2: From JCON to Zurich 🏔️</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Mon, 08 Jun 2026 11:43:36 +0000</pubDate>
      <link>https://dev.to/docker/docker-security-dispatch-issue-2-from-jcon-to-zurich-231f</link>
      <guid>https://dev.to/docker/docker-security-dispatch-issue-2-from-jcon-to-zurich-231f</guid>
      <description>&lt;p&gt;Welcome to the second issue of &lt;strong&gt;Docker Security Dispatch&lt;/strong&gt;. April was a whirlwind of conferences, articles, and interviews. From the cathedrals of Cologne to the mountains of Zurich, here is everything that happened in the Docker security world last month.&lt;/p&gt;

&lt;h3&gt;
  
  
  Key Takeaways
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Stay informed about critical vulnerabilities like CVE-2026-34040 and the 'Mini Shai-Hulud' supply chain worm.&lt;/li&gt;
&lt;li&gt;Discover the benefits of Docker Sandboxes for isolating development environments against malware.&lt;/li&gt;
&lt;li&gt;Recap of the Java-focused Docker Commandos workshop delivered at JCON Europe 2026.&lt;/li&gt;
&lt;li&gt;Insights from industry experts on container security and operationalizing AI with Docker.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F01iypwpqdd99h8djoc4u.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F01iypwpqdd99h8djoc4u.png" alt="Docker Security Dispatch, issue 2" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🛡️ Critical: CVE-2026-34040 &amp;amp; The Mini Shai-Hulud "Gift"
&lt;/h2&gt;

&lt;p&gt;The biggest news in the Docker security scene this month was the disclosure of &lt;strong&gt;CVE-2026-34040&lt;/strong&gt;. This is a high-severity authorization bypass vulnerability that affected Docker Engine versions before 29.3.1. If an API request body exceeded 1MB, the AuthZ plugin would be bypassed. &lt;strong&gt;Please ensure you have updated to Docker Engine 29.4.2 or Docker Desktop 4.71.0.&lt;/strong&gt;&lt;/p&gt;

&lt;p&gt;Speaking of security "gifts," as I turned 35 on April 29, the universe (or TeamPCP) decided to send a satirical birthday present: &lt;strong&gt;Mini Shai-Hulud&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;This third wave of the Shai-Hulud lineage emerged on my birthday and is a highly autonomous NPM supply chain worm. It heavily targeted the SAP cloud ecosystem (infecting &lt;code&gt;@cap-js/sqlite&lt;/code&gt; and &lt;code&gt;@cap-js/postgres&lt;/code&gt;), harvesting tokens to backdoor other packages. The attack uses a malicious preinstall hook to download the &lt;strong&gt;Bun runtime&lt;/strong&gt;—bypassing Node-based security tooling—and execute an 11.7 MB obfuscated credential stealer. Most disturbingly, it installs persistence hooks directly in your IDE settings, specifically modifying &lt;code&gt;.vscode/tasks.json&lt;/code&gt; to trigger on &lt;code&gt;folderOpen&lt;/code&gt;.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/blog/mini-shai-hulud-attack" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Fmini-shai-hulud.png" height="533" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/blog/mini-shai-hulud-attack" rel="noopener noreferrer" class="c-link"&gt;
            Mini Shai-Hulud: The Next Evolution of NPM Supply Chain Worms - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            A deep dive into the Mini Shai-Hulud attack, a sophisticated NPM worm that uses the Bun runtime to bypass security and targets developer agents for persistence.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


&lt;p&gt;In better news, &lt;strong&gt;Docker Sandboxes&lt;/strong&gt; (Beta) are helpful against Mini Shai-Hulud. They allow you to run your AI coding agents like Claude in an isolated microVM, preventing Mini Shai-Hulud-style attacks from compromising your development environment:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;sbx run claude
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  🏛️ JCON Europe: The Commandos in Cologne
&lt;/h2&gt;

&lt;p&gt;On &lt;strong&gt;April 20&lt;/strong&gt;, I was at &lt;a href="https://jcon.one" rel="noopener noreferrer"&gt;JCON Europe 2026&lt;/a&gt; in Cologne, and delivered the &lt;strong&gt;"Java Supply Chain Security with Docker"&lt;/strong&gt; workshop—a Java-focused adaptation of the Docker Commandos series.&lt;/p&gt;

&lt;p&gt;The workshop &lt;strong&gt;is available as a Docker Labspace&lt;/strong&gt;, providing a guided, interactive environment.&lt;/p&gt;

&lt;p&gt;If you don't have the Labspace extension installed in Docker Desktop, you can still run the full mission locally using the OCI artifact:&lt;br&gt;
&lt;/p&gt;
&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker compose &lt;span class="nt"&gt;-f&lt;/span&gt; oci://docker.io/aerabi/docker-commandos-labspace up &lt;span class="nt"&gt;-d&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;


&lt;p&gt;Learn more:&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/workshop/jcon-europe-2026" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fworkshops%2Fcommandos-in-cologne.png" height="597" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/workshop/jcon-europe-2026" rel="noopener noreferrer" class="c-link"&gt;
            Java Supply Chain Security with Docker — Docker Commandos Workshop - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            Docker Commandos adapted for a Java audience at JCON Europe 2026. Supply chain security, SBOMs, and attestations — using Docker tooling with a Java project as the target.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;






&lt;h2&gt;
  
  
  🎙️ Interview with Baruch Sadogursky
&lt;/h2&gt;

&lt;p&gt;While at JCON, I sat down with the legendary &lt;strong&gt;Baruch Sadogursky&lt;/strong&gt; (&lt;a class="mentioned-user" href="https://dev.to/jbaruch"&gt;@jbaruch&lt;/a&gt;) for an interview with &lt;strong&gt;Tessl&lt;/strong&gt; and &lt;strong&gt;JAVAPRO&lt;/strong&gt;. &lt;/p&gt;

&lt;p&gt;We discussed, surprise surprise, &lt;strong&gt;container supply chain security&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/pFfJZRAZez8"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;




&lt;h2&gt;
  
  
  📰 JAVAPRO: "The Whispering JAR"
&lt;/h2&gt;

&lt;p&gt;Speaking of JAVAPRO, my latest article for them also dropped during the conference: &lt;strong&gt;"The Whispering JAR: Java Security Lessons Hidden in a Fantasy Tale"&lt;/strong&gt;.&lt;/p&gt;

&lt;p&gt;It's a narrative-driven look at the latest supply chain attacks hidden in a fantasy setting—similar in spirit to &lt;em&gt;Black Forest Shadow&lt;/em&gt;, and happening right after the events of the book. It discusses the following attacks:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;NPM supply chain attack of September 2025&lt;/li&gt;
&lt;li&gt;The Shai-Hulud 1 and 2 attacks of late 2025&lt;/li&gt;
&lt;li&gt;React2Shell, the React-based remote code execution attack of late 2025&lt;/li&gt;
&lt;/ul&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://javapro.io/2026/04/23/the-whispering-jar-java-security-lessons-hidden-in-a-fantasy-tale/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2026%2F02%2FChatGPT-Image-Feb-11-2026-12_02_24-AM.png" height="533" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://javapro.io/2026/04/23/the-whispering-jar-java-security-lessons-hidden-in-a-fantasy-tale/" rel="noopener noreferrer" class="c-link"&gt;
            The Whispering JAR: Java Security Lessons Hidden in a Fantasy Tale - JAVAPRO International
          &lt;/a&gt;
        &lt;/h2&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2024%2F07%2Fjavapro-favicon-80x80.jpg" width="80" height="80"&gt;
          javapro.io
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;h2&gt;
  
  
  🐧 Foojay.io Debut
&lt;/h2&gt;

&lt;p&gt;I am also thrilled to have published my first article on &lt;strong&gt;Foojay.io&lt;/strong&gt; (the Friends of OpenJDK platform) this month: &lt;strong&gt;"Dockerizing a Java 26 Project with Docker Init"&lt;/strong&gt;.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://foojay.io/today/dockerizing-a-java-26-project-with-docker-init/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Ffoojay.io%2Fwp-content%2Fuploads%2F2026%2F04%2Fasgard-init-1024x765.png" height="598" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://foojay.io/today/dockerizing-a-java-26-project-with-docker-init/" rel="noopener noreferrer" class="c-link"&gt;
            Dockerizing a Java 26 Project with Docker Init
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            Java 26 came out in March 2026. This article walks you through Dockerizing a Java 26 Spring Boot project using Docker Init.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Ffoojay.io%2Fwp-content%2Fuploads%2F2020%2F04%2FFavicon-3-2-150x150.png" width="150" height="150"&gt;
          foojay.io
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;h2&gt;
  
  
  🎙️ JobRad Podcast: Writing a Tech Book
&lt;/h2&gt;

&lt;p&gt;JobRad's tech podcast, &lt;strong&gt;Increase Cycle Time&lt;/strong&gt;, is out, and I'm on it! 🎙️&lt;/p&gt;

&lt;p&gt;I sat down with &lt;strong&gt;Holger Grosse-Plankermann&lt;/strong&gt; and &lt;strong&gt;Urs Lange&lt;/strong&gt; to talk about the behind-the-scenes of writing a tech book like &lt;em&gt;Docker and Kubernetes Security&lt;/em&gt;. We discussed the research process, the challenges of keeping up with a fast-moving ecosystem, and what it takes to get from a rough draft to a published book.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://jobrad-increase-cycle-time.podigee.io/10-tech-book" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimages.podigee-cdn.net%2F0x%2Cs81W8A3dtZkBwwl7z2z7ED9yMs1WRr0ENuhPlJiPByrc%3D%2Fhttps%3A%2F%2Fmain.podigee-cdn.net%2Fuploads%2Fu76574%2Fc8fd26ec-6e3c-429b-a6ee-91afe479b6ec.png" height="800" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://jobrad-increase-cycle-time.podigee.io/10-tech-book" rel="noopener noreferrer" class="c-link"&gt;
            
      Folge 10: Writing a tech book - Increase Cycle Time - Der JobRad® Development Podcast
    
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            Hello lovely people from the interwebs,

In this episode we have a chat with our dear colleague Mohammad-Ali A'râbi. Mo wrote a book about Docker Security. Even though the content of this book is great. (Hint! Read the book: https://www.dockersecurity.io/), in this episode Urs and Holger are more interested in what it is like to write a book?

Why do this after all? What are the hurdles? How do you keep your motivation high? And what one needs to do, if you are thinking: I want to write a book too!

All this and more in the current episode of Increase Cycle Time. 
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fimages.podigee-cdn.net%2F96x%2CsofdUHGK75zP3NQGwWJh-s6N9mgSeKsHxNx7FSydtXFA%3D%2Fhttps%3A%2F%2Fmain.podigee-cdn.net%2Fuploads%2Fu76449%2F3535a918-543c-4d48-b6ef-302330a9073d.png" width="96" height="96"&gt;
          jobrad-increase-cycle-time.podigee.io
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fysc3hkcb7axnzn8606ww.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fysc3hkcb7axnzn8606ww.png" alt="Operational AI with Docker" width="800" height="986"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  🤖 Book: Operational AI with Docker
&lt;/h2&gt;

&lt;p&gt;I'm excited to announce that I served as a &lt;strong&gt;technical reviewer&lt;/strong&gt; for the new book &lt;strong&gt;"Operational AI with Docker"&lt;/strong&gt;, published by Packt. As AI models become a standard part of our containerized workloads, this book is a fantastic guide for anyone looking to run LLMs in production using Docker.&lt;/p&gt;




&lt;h2&gt;
  
  
  🏔️ Upcoming: DevOpsDays Zurich &amp;amp; Berlin
&lt;/h2&gt;

&lt;p&gt;Recently, I headed to &lt;strong&gt;DevOpsDays Zurich&lt;/strong&gt; (May the 6th) to give my talk: &lt;strong&gt;"Beyond SBOMs: The Future of Container Supply Chain Security"&lt;/strong&gt;. I'll write more about it in the coming issue.&lt;/p&gt;

&lt;p&gt;I'm also happy to share that this talk was also accepted for &lt;strong&gt;WeAreDevelopers World Congress&lt;/strong&gt; in Berlin this July. I can't wait to bring the Commandos to the big stage in Berlin! So, if you missed it in Zurich, we'll catch you in Berlin!&lt;/p&gt;

&lt;p&gt;Until next time, and let's hope there are no more "gifts" from the universe in May!&lt;/p&gt;

</description>
      <category>docker</category>
    </item>
    <item>
      <title>Docker Security Dispatch — Issue 1: Docker Turns 13 🎂</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Tue, 02 Jun 2026 07:32:00 +0000</pubDate>
      <link>https://dev.to/docker/docker-security-dispatch-issue-1-docker-turns-13-3njh</link>
      <guid>https://dev.to/docker/docker-security-dispatch-issue-1-docker-turns-13-3njh</guid>
      <description>&lt;p&gt;Welcome to the first issue of &lt;strong&gt;Docker Security Dispatch&lt;/strong&gt;. This newsletter covers Docker security, container supply chains, and the community around them. The first issue of the newsletter was published on April 1st, 2026, on the following platforms:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://www.linkedin.com/pulse/welcome-docker-security-dispatch-mohammad-ali-a-r%C3%A2bi-9q0qf" rel="noopener noreferrer"&gt;LinkedIn&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://www.dockersecurity.io/blog/docker-security-dispatch-issue-1" rel="noopener noreferrer"&gt;DockerSecurity.io&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I'm bringing the series to DEV.to as well, so I'm sharing the first issue with 2 months of delay.&lt;/p&gt;

&lt;h3&gt;
  
  
  Key Takeaways
&lt;/h3&gt;

&lt;ul&gt;
&lt;li&gt;Celebrate Docker's 13th anniversary with the launch of the dark fantasy security guide, 'Black Forest Shadow'.&lt;/li&gt;
&lt;li&gt;Get insights from the Docker Commandos v1.5 workshop focused on supply-chain security.&lt;/li&gt;
&lt;li&gt;Learn about the '10 Docker Commandos' framework for hunting security threats.&lt;/li&gt;
&lt;li&gt;Recap the most significant Docker book releases from the first quarter of 2026.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz3j2xm6bh96v73mt3ni5.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fz3j2xm6bh96v73mt3ni5.png" alt="Docker Security Dispatch" width="800" height="447"&gt;&lt;/a&gt;&lt;/p&gt;




&lt;h2&gt;
  
  
  🎂 Docker Turns 13
&lt;/h2&gt;

&lt;p&gt;Docker turned 13 on March 20, 2026. Thirteen years since Solomon Hykes demoed &lt;code&gt;docker run&lt;/code&gt; at PyCon.&lt;/p&gt;

&lt;p&gt;I published my second book on &lt;strong&gt;Friday, March 13th&lt;/strong&gt;—Docker's birthday, and a Friday the 13th. I couldn't resist.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/black-forest-shadow" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Fbook-black-forest-shadow.jpg" height="1020" class="m-0" width="680"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/black-forest-shadow" rel="noopener noreferrer" class="c-link"&gt;
            Black Forest Shadow — A Dark Fantasy Guide to Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            A dark fantasy novel set in the Black Forest of 1865 that teaches Docker and Kubernetes security through narrative — covering CVE hunting, SBOM generation, runtime hardening, and container security.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


&lt;p&gt;&lt;strong&gt;&lt;em&gt;Black Forest Shadow: A Dark Fantasy Guide to Docker and Kubernetes Security&lt;/em&gt;&lt;/strong&gt; grew out of the Advent of Docker Security series I published in December 2025—24 daily posts set in the Black Forest of 1865, where shadow creatures called CVEs were spreading through villages. After the series ended, I wrote seven more chapters, compiled the whole thing, and turned it into a book.&lt;/p&gt;

&lt;p&gt;Each chapter maps to a real security technique: CVE triage, SBOM generation, OCI 1.1 attestations, vulnerability scanning, container hardening, runtime security with Falco, lateral movement prevention. Gord, Rothütle, Jack, and Evie are also the Docker Commandos from the workshop series. The book is their origin story.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Where to get it:&lt;/strong&gt;&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;a href="https://buy.dockersecurity.io" rel="noopener noreferrer"&gt;DockerSecurity.io&lt;/a&gt; — PDF, ePub, and print&lt;/li&gt;
&lt;li&gt;&lt;a href="https://dockersecurity.io/amz/bfs" rel="noopener noreferrer"&gt;Amazon&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;
&lt;a href="https://www.thalia.de/shop/home/artikeldetails/A1078659350" rel="noopener noreferrer"&gt;Thalia&lt;/a&gt; and &lt;a href="https://www.hugendubel.de/de/taschenbuch/mohammad_ali_a_rabi-black_forest_shadow-52778151-produkt-details.html" rel="noopener noreferrer"&gt;Hugendubel&lt;/a&gt; for DACH print&lt;/li&gt;
&lt;/ul&gt;




&lt;h2&gt;
  
  
  🎖️ Docker Commandos at Rabobank
&lt;/h2&gt;

&lt;p&gt;On &lt;strong&gt;March 27&lt;/strong&gt;, I delivered &lt;strong&gt;Docker Commandos v1.5&lt;/strong&gt; at &lt;a href="https://www.rabobank.com" rel="noopener noreferrer"&gt;Rabobank&lt;/a&gt; in Utrecht, as part of their Docker Champions program. About 20 people attended.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg2x8ty2jducb4oj5s83n.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fg2x8ty2jducb4oj5s83n.jpg" alt="Docker Commandos workshop at Rabobank" width="800" height="600"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Docker Commandos is a workshop where 10 fictional commandos, each paired with a Docker security command, guide participants through a mission to defend Asgard from CVE monsters. v1.5 covers the full supply-chain pipeline: from &lt;code&gt;docker init&lt;/code&gt; to cryptographic image signing with Cosign and zero-day runtime defense. Two new commandos join in this version.&lt;/p&gt;

&lt;p&gt;The full workshop materials:&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/workshop/rabobank-2026" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2F10-commandos-asgard.png" height="447" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/workshop/rabobank-2026" rel="noopener noreferrer" class="c-link"&gt;
            Docker Commandos v1.5 — Docker Commandos Workshop - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            Docker Commandos v1.5 at Rabobank, part of their Docker Champions program. Full supply-chain security pipeline from Docker Init to cryptographic signing and zero-day runtime defense.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;h2&gt;
  
  
  📰 JavaPro: "10 Docker Commandos"
&lt;/h2&gt;

&lt;p&gt;On &lt;strong&gt;March 19&lt;/strong&gt;, &lt;a href="https://javapro.io" rel="noopener noreferrer"&gt;JavaPro&lt;/a&gt; published my article &lt;strong&gt;"10 Docker Commandos: Docker Commands to Hunt the Predator"&lt;/strong&gt;—three days before I ran the workshop at Rabobank, which was good timing.&lt;/p&gt;

&lt;p&gt;The article uses the React2Shell supply chain attack (CVE-2025-55182) as the threat model. Attackers deployed crypto miners within hours of disclosure. The 10 commandos walk through the response: Lockdown → SBOM → Scout → SBOM Attestations → Docker Init → Hardened Images → Exempted CVEs → VEX Attestation → Docker Bake → Zero-Day Defense.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://javapro.io/2026/03/19/10-docker-commandos-docker-commands-to-hunt-the-predator/" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2026%2F02%2Fcommandos-v5-comic-e1770835706278-1024x350.png" height="273" class="m-0" width="799"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://javapro.io/2026/03/19/10-docker-commandos-docker-commands-to-hunt-the-predator/" rel="noopener noreferrer" class="c-link"&gt;
            10 Docker Commandos: Docker Commands to Hunt the Predator - JAVAPRO International
          &lt;/a&gt;
        &lt;/h2&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fjavapro.io%2Fwp-content%2Fuploads%2F2024%2F07%2Fjavapro-favicon-80x80.jpg" width="80" height="80"&gt;
          javapro.io
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;h2&gt;
  
  
  📚 Q1 2026 Docker Books
&lt;/h2&gt;

&lt;p&gt;Five Docker books came out in the first quarter of 2026. Three of them by Docker Captains, which I think is a first.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/blog/docker-read-list-2026-q1" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Fdocker-read-list-2026-q1.png" height="447" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/blog/docker-read-list-2026-q1" rel="noopener noreferrer" class="c-link"&gt;
            The Complete Docker Read List: Q1 2026 Edition - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            A curated reading list of the best books on Docker and Kubernetes for the first quarter of 2026, featuring releases from Docker Captains and industry experts.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;h2&gt;
  
  
  📅 Next: JCON Europe, Cologne, April 20
&lt;/h2&gt;

&lt;p&gt;On &lt;strong&gt;April 20&lt;/strong&gt;, I had the honor of doing a workshop at &lt;a href="https://jcon.one" rel="noopener noreferrer"&gt;JCON Europe 2026&lt;/a&gt; in Cologne with &lt;strong&gt;"Java Supply Chain Security with Docker"&lt;/strong&gt;—Docker Commandos adapted for a Java audience. Same pipeline, Java project as the target.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://containersecurity.dev/workshop/jcon-europe-2026" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fworkshops%2Fcommandos-in-cologne.png" height="597" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://containersecurity.dev/workshop/jcon-europe-2026" rel="noopener noreferrer" class="c-link"&gt;
            Java Supply Chain Security with Docker — Docker Commandos Workshop - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            Docker Commandos adapted for a Java audience at JCON Europe 2026. Supply chain security, SBOMs, and attestations — using Docker tooling with a Java project as the target.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fcontainersecurity.dev%2Ffavicon.ico" width="48" height="48"&gt;
          containersecurity.dev
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;





&lt;p&gt;&lt;em&gt;Questions or feedback: &lt;a href="https://dockersecurity.io/contact" rel="noopener noreferrer"&gt;dockersecurity.io/contact&lt;/a&gt;.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>docker</category>
      <category>security</category>
    </item>
    <item>
      <title>Seven Docker Tips Every Engineer Should Know (from Docker Captains)</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Mon, 25 May 2026 07:25:00 +0000</pubDate>
      <link>https://dev.to/docker/seven-docker-tips-every-engineer-should-know-from-docker-captains-3o1h</link>
      <guid>https://dev.to/docker/seven-docker-tips-every-engineer-should-know-from-docker-captains-3o1h</guid>
      <description>&lt;p&gt;Between June and August 2025, Docker shared a short series of practical tips from Docker Captains on Twitter/X. The format was brief, but the advice is worth unpacking. This post is revisiting those seven tips with a little more context and newer examples.&lt;/p&gt;

&lt;p&gt;Here are the seven tips, in the chronological order they were shared!&lt;/p&gt;

&lt;h2&gt;
  
  
  1. Start New Projects with Docker Init
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Captain intro:&lt;/strong&gt; &lt;a href="https://www.docker.com/captains/mohammad-ali-arabi/" rel="noopener noreferrer"&gt;Mohammad-Ali A'rabi&lt;/a&gt; is a Docker Captain from Freiburg, Germany, a backend software engineer, Docker community leader, and the author of &lt;a href="https://www.dockersecurity.io/docker-and-kubernetes-security" rel="noopener noreferrer"&gt;&lt;em&gt;Docker and Kubernetes Security&lt;/em&gt;&lt;/a&gt;. His work often sits at the intersection of practical engineering, education, community, and secure-by-default container workflows.&lt;/p&gt;

&lt;p&gt;&lt;iframe class="tweet-embed" id="tweet-1934618217990754462-547" src="https://platform.twitter.com/embed/Tweet.html?id=1934618217990754462"&gt;
&lt;/iframe&gt;

  // Detect dark theme
  var iframe = document.getElementById('tweet-1934618217990754462-547');
  if (document.body.className.includes('dark-theme')) {
    iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=1934618217990754462&amp;amp;theme=dark"
  }



&lt;/p&gt;

&lt;p&gt;The tweet points to &lt;code&gt;docker init&lt;/code&gt; as the fastest way to get a clean Docker setup for a new project:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker init
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The command analyzes your project and generates a set of files that follow Docker's best practices:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;code&gt;Dockerfile&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;.dockerignore&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;compose.yaml&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;README.Docker.md&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Read the following article for a detailed walkthrough of &lt;code&gt;docker init&lt;/code&gt; with a Java project: &lt;a href="https://www.dockersecurity.io/blog/dockerize-java-26-with-docker-init" rel="noopener noreferrer"&gt;Dockerize Java 26 with Docker Init&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  2. Clean Up Docker Disk Usage Carefully
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Captain intro:&lt;/strong&gt; &lt;a href="https://www.docker.com/contributors/rafael-pazini/" rel="noopener noreferrer"&gt;Rafael Pazini&lt;/a&gt; is a Docker Captain from Sao Paulo, Brazil, and a Senior Software Engineer at Pluto TV. He has more than 10 years of experience building scalable applications, with expertise in distributed systems, microservices, Docker, and Kubernetes.&lt;/p&gt;

&lt;p&gt;&lt;iframe class="tweet-embed" id="tweet-1937229925515252098-27" src="https://platform.twitter.com/embed/Tweet.html?id=1937229925515252098"&gt;
&lt;/iframe&gt;

  // Detect dark theme
  var iframe = document.getElementById('tweet-1937229925515252098-27');
  if (document.body.className.includes('dark-theme')) {
    iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=1937229925515252098&amp;amp;theme=dark"
  }



&lt;/p&gt;

&lt;p&gt;The command &lt;code&gt;docker system prune&lt;/code&gt; is no stranger to Docker users:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker system prune &lt;span class="nt"&gt;-a&lt;/span&gt; &lt;span class="nt"&gt;--volumes&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The terminal will say:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;WARNING! This will remove:
  - all stopped containers
  - all networks not used by at least one container
  - all dangling images
  - unused build cache

Are you sure you want to continue? [y/N]
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;BTW, did you know &lt;code&gt;[y/N]&lt;/code&gt; means "default to No if the user just presses Enter"?&lt;/p&gt;

&lt;p&gt;The &lt;code&gt;-a&lt;/code&gt; flag removes &lt;em&gt;all&lt;/em&gt; unused images, not just dangling ones. The &lt;code&gt;--volumes&lt;/code&gt; flag adds unused volumes to the cleanup list. Check it out, and the warning verifies it:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;WARNING! This will remove:
  - all stopped containers
  - all networks not used by at least one container
  - all anonymous volumes not used by at least one container
  - all images without at least one container associated to them
  - all build cache

Are you sure you want to continue? [y/N]
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;A few more handy commands:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker rmi &lt;span class="nt"&gt;-f&lt;/span&gt; &lt;span class="si"&gt;$(&lt;/span&gt;docker images &lt;span class="nt"&gt;-q&lt;/span&gt;&lt;span class="si"&gt;)&lt;/span&gt;  &lt;span class="c"&gt;# Force-remove all images&lt;/span&gt;
docker volume &lt;span class="nb"&gt;rm&lt;/span&gt; &lt;span class="si"&gt;$(&lt;/span&gt;docker volume &lt;span class="nb"&gt;ls&lt;/span&gt; &lt;span class="nt"&gt;-q&lt;/span&gt;&lt;span class="si"&gt;)&lt;/span&gt;  &lt;span class="c"&gt;# Remove all volumes&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Satisfaction!&lt;/p&gt;

&lt;h2&gt;
  
  
  3. Use Multi-Stage Builds
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Captain intro:&lt;/strong&gt; &lt;a href="https://www.docker.com/captains/karan-verma/" rel="noopener noreferrer"&gt;Karan Verma&lt;/a&gt; is a Docker Captain from Jalandhar, India. He is a software engineer and community leader who has been active in the Docker community in Jalandhar since 2017, with a focus that includes AI and MLOps.&lt;/p&gt;

&lt;p&gt;&lt;iframe class="tweet-embed" id="tweet-1939768473887916538-62" src="https://platform.twitter.com/embed/Tweet.html?id=1939768473887916538"&gt;
&lt;/iframe&gt;

  // Detect dark theme
  var iframe = document.getElementById('tweet-1939768473887916538-62');
  if (document.body.className.includes('dark-theme')) {
    iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=1939768473887916538&amp;amp;theme=dark"
  }



&lt;/p&gt;

&lt;p&gt;It's not only AI images that can get big. It's better to trim images down, AI or not. It's cost-effective, faster to deploy, and more secure by reducing the attack surface. Multi-stage builds are the way to go for that.&lt;/p&gt;

&lt;p&gt;To add to that, &lt;code&gt;docker init&lt;/code&gt; already generates a multi-stage Dockerfile for you.&lt;/p&gt;

&lt;p&gt;Also, make sure the final stage is hardened with a non-root user and limited privileges. For example, use a base image with no package manager, no shell, and no extra tools.&lt;/p&gt;

&lt;p&gt;Another important tip is to generate SBOM attestations during the build:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker build &lt;span class="nt"&gt;--sbom&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;true&lt;/span&gt; &lt;span class="nt"&gt;-t&lt;/span&gt; my-image:latest &lt;span class="nb"&gt;.&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This command doesn't automatically include all stages in the SBOM, so you need to add the following line to each stage in your Dockerfile to ensure they are included:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight docker"&gt;&lt;code&gt;&lt;span class="k"&gt;ARG&lt;/span&gt;&lt;span class="s"&gt; BUILDKIT_SBOM_SCAN_CONTEXT=true&lt;/span&gt;
&lt;span class="k"&gt;FROM&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;&amp;lt;image&amp;gt;&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="k"&gt;AS&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;stage&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  4. Choose Lightweight, Version-Pinned Base Images
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Captain intro:&lt;/strong&gt; &lt;a href="https://www.docker.com/contributors/sergio-lopes/" rel="noopener noreferrer"&gt;Sergio Lopes&lt;/a&gt; is a Docker Captain from Sao Paulo, Brazil, and a Principal Backend Engineer at Banco Itau Unibanco S.A. Docker highlights his long backend engineering background and expertise in developer productivity, Kubernetes, modern application development, and observability.&lt;/p&gt;

&lt;p&gt;&lt;iframe class="tweet-embed" id="tweet-1944758785475498198-694" src="https://platform.twitter.com/embed/Tweet.html?id=1944758785475498198"&gt;
&lt;/iframe&gt;

  // Detect dark theme
  var iframe = document.getElementById('tweet-1944758785475498198-694');
  if (document.body.className.includes('dark-theme')) {
    iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=1944758785475498198&amp;amp;theme=dark"
  }



&lt;/p&gt;

&lt;p&gt;This tweet is from July 2025, but the advice is evergreen. Use Docker Hardened Images (DHI) for base images, and pin to a specific version. The DHI are:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Lightweight&lt;/li&gt;
&lt;li&gt;Open-source&lt;/li&gt;
&lt;li&gt;Secure-by-default&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Check the catalog at &lt;a href="https://dhi.io" rel="noopener noreferrer"&gt;dhi.io&lt;/a&gt; and pick the right image for your language and use case. Search for "node", get into the &lt;a href="https://hub.docker.com/hardened-images/catalog/dhi/node" rel="noopener noreferrer"&gt;Node.js image catalog&lt;/a&gt;:&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr0ms7meghy1vt90ky3p7.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fr0ms7meghy1vt90ky3p7.png" alt="DHI Node.js Catalog" width="799" height="363"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Then go to the "Images" tab to see &lt;a href="https://hub.docker.com/hardened-images/catalog/dhi/node/images" rel="noopener noreferrer"&gt;the full list&lt;/a&gt;:&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff2iifvjnl9thpkwbffw7.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Ff2iifvjnl9thpkwbffw7.png" alt="DHI Node.js Images" width="800" height="342"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;In the list of images:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;If there is a lock, it's not free to use. Just skip it.&lt;/li&gt;
&lt;li&gt;There are Debian and Alpine variants.&lt;/li&gt;
&lt;li&gt;There are "dev" variants with build tools and "prod" variants without them.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Find a version, and your Dockerfile should start like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight docker"&gt;&lt;code&gt;&lt;span class="c"&gt;# The build stage&lt;/span&gt;
&lt;span class="k"&gt;FROM&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;dhi.io/node:26.2.0-debian13-dev&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="k"&gt;AS&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;build&lt;/span&gt;

&lt;span class="c"&gt;# The production stage&lt;/span&gt;
&lt;span class="k"&gt;FROM&lt;/span&gt;&lt;span class="s"&gt; dhi.io/node:26.2.0-debian13&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The dev image has 10 CVEs and the prod image has 0.&lt;/p&gt;

&lt;h2&gt;
  
  
  5. Use Docker Scout Quickview
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Captain intro:&lt;/strong&gt; &lt;a href="https://www.docker.com/contributors/khushboo-verma/" rel="noopener noreferrer"&gt;Khushboo Verma&lt;/a&gt; is a Docker Captain and Platform Engineer at Appwrite in Bengaluru, India. She is also a community builder and speaker, with Docker listing her expertise in developer productivity, modern application development, and observability.&lt;/p&gt;

&lt;p&gt;&lt;iframe class="tweet-embed" id="tweet-1947370272115290448-318" src="https://platform.twitter.com/embed/Tweet.html?id=1947370272115290448"&gt;
&lt;/iframe&gt;

  // Detect dark theme
  var iframe = document.getElementById('tweet-1947370272115290448-318');
  if (document.body.className.includes('dark-theme')) {
    iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=1947370272115290448&amp;amp;theme=dark"
  }



&lt;/p&gt;

&lt;p&gt;The &lt;code&gt;docker scout quickview&lt;/code&gt; command is a fast way to get a snapshot of your image's security posture. It checks for known CVEs, lists dependencies, and provides metadata about the base image. This is especially useful in CI pipelines to catch vulnerabilities before pushing images to a registry.&lt;/p&gt;

&lt;p&gt;Let's do it on the DHI Node.js image:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker scout quickview dhi.io/node:26.2.0-debian13
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The output says:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;    i New version 1.21.0 available (installed version is 1.20.3) at https://github.com/docker/scout-cli
    ✓ SBOM obtained from attestation, 20 packages found
    ✓ Provenance obtained from attestation
    ✓ VEX statements obtained from attestation

    i Base image was auto-detected. To get more accurate results, build images with max-mode provenance attestations.
      Review docs.docker.com ↗ for more information.

 Target   │  dhi.io/node:26.2.0-debian13  │    0C     0H     0M     0L
   digest │  f3fb2a06abd6                 │
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;So, there are no CVEs, and the image has:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;SBOM attestation with 20 packages&lt;/li&gt;
&lt;li&gt;Provenance attestation&lt;/li&gt;
&lt;li&gt;VEX statements attestation&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;If you want to learn more about these concepts, check out the Docker Commandos workshop on Docker Labspaces: &lt;a href="https://www.dockersecurity.io/commandos" rel="noopener noreferrer"&gt;Docker Commandos&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  6. Use .dockerignore
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Captain intro:&lt;/strong&gt; &lt;a href="https://www.docker.com/captains/anjan-kumar-reddy-ayyadapu/" rel="noopener noreferrer"&gt;Anjan Kumar Reddy Ayyadapu&lt;/a&gt; is a Docker Captain and Senior Architect Solution Leader at Cloudera Inc. Docker lists his expertise across AI/ML, CI/CD, Kubernetes, observability, developer productivity, and software secure supply chain work.&lt;/p&gt;

&lt;p&gt;&lt;iframe class="tweet-embed" id="tweet-1950295464433025395-539" src="https://platform.twitter.com/embed/Tweet.html?id=1950295464433025395"&gt;
&lt;/iframe&gt;

  // Detect dark theme
  var iframe = document.getElementById('tweet-1950295464433025395-539');
  if (document.body.className.includes('dark-theme')) {
    iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=1950295464433025395&amp;amp;theme=dark"
  }



&lt;/p&gt;

&lt;p&gt;The tweet compares &lt;code&gt;.dockerignore&lt;/code&gt; to &lt;code&gt;.gitignore&lt;/code&gt;, which is exactly the right mental model. &lt;code&gt;.gitignore&lt;/code&gt; decides what should not enter version control; &lt;code&gt;.dockerignore&lt;/code&gt; decides what should not enter the Docker build context.&lt;/p&gt;

&lt;p&gt;Two points on that!&lt;/p&gt;

&lt;p&gt;When doing a &lt;code&gt;docker build&lt;/code&gt; command, it usually looks like this:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker build &lt;span class="nt"&gt;-t&lt;/span&gt; my-image:latest &lt;span class="nb"&gt;.&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The &lt;code&gt;.&lt;/code&gt; at the end is not the Dockerfile path; it's the build context path. It means, "send the current directory and all its contents to the Docker daemon for the build".&lt;/p&gt;

&lt;p&gt;Anjan says &lt;em&gt;blacklist&lt;/em&gt; some files with &lt;code&gt;.dockerignore&lt;/code&gt;, I would say &lt;em&gt;whitelist&lt;/em&gt; some files with &lt;code&gt;.dockerignore&lt;/code&gt;. Start with a clean slate, and add only what you need. For example:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;# .dockerignore
*

!src/
!package.json
!package-lock.json
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  7. Limit Container Privileges
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Captain intro:&lt;/strong&gt; &lt;a href="https://www.docker.com/captains/mohammad-ali-arabi/" rel="noopener noreferrer"&gt;Mohammad-Ali A'rabi&lt;/a&gt; appears again in Docker's series, this time with a security tip. It's not me promoting myself, it's Docker!&lt;/p&gt;

&lt;p&gt;&lt;iframe class="tweet-embed" id="tweet-1953561787623788652-733" src="https://platform.twitter.com/embed/Tweet.html?id=1953561787623788652"&gt;
&lt;/iframe&gt;

  // Detect dark theme
  var iframe = document.getElementById('tweet-1953561787623788652-733');
  if (document.body.className.includes('dark-theme')) {
    iframe.src = "https://platform.twitter.com/embed/Tweet.html?id=1953561787623788652&amp;amp;theme=dark"
  }



&lt;/p&gt;

&lt;p&gt;Just for context: Linux capabilities are granular permissions that can be independently enabled or disabled for processes. Similar to the whitelisting approach of &lt;code&gt;.dockerignore&lt;/code&gt;, you can start with a clean slate by dropping all capabilities and then adding only the ones your application needs. For example:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker run &lt;span class="nt"&gt;--cap-drop&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;ALL &lt;span class="nt"&gt;--cap-add&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;NET_ADMIN my-image:latest
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;It's similar in a Kubernetes pod spec:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;apiVersion&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;v1&lt;/span&gt;
&lt;span class="na"&gt;kind&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;Pod&lt;/span&gt;
&lt;span class="na"&gt;metadata&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;my-pod&lt;/span&gt;
&lt;span class="na"&gt;spec&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;containers&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="na"&gt;name&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;my-container&lt;/span&gt;
      &lt;span class="na"&gt;image&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;my-image:latest&lt;/span&gt;
      &lt;span class="na"&gt;securityContext&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
        &lt;span class="na"&gt;capabilities&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
          &lt;span class="na"&gt;drop&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="pi"&gt;[&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;ALL"&lt;/span&gt;&lt;span class="pi"&gt;]&lt;/span&gt;
          &lt;span class="na"&gt;add&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="pi"&gt;[&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="s"&gt;NET_ADMIN"&lt;/span&gt;&lt;span class="pi"&gt;]&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;To learn more about Linux capabilities and how to use them in Docker and Kubernetes, check out the book &lt;a href="https://www.dockersecurity.io/docker-and-kubernetes-security" rel="noopener noreferrer"&gt;Docker and Kubernetes Security&lt;/a&gt;.&lt;/p&gt;

&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;I wish Docker starts sharing more tips from Docker Captains, and I hope this post helps expand on the original tweets with more context and examples. If you have any questions or want to share your own Docker tips, feel free to reach out on &lt;a href="https://www.linkedin.com/in/aerabi/" rel="noopener noreferrer"&gt;LinkedIn&lt;/a&gt; or &lt;a href="https://x.com/MohammadAliEN" rel="noopener noreferrer"&gt;Twitter/X&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;Happy Dockerizing!&lt;/p&gt;

</description>
      <category>docker</category>
    </item>
    <item>
      <title>Book Review: Operational AI with Docker</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Wed, 20 May 2026 07:32:00 +0000</pubDate>
      <link>https://dev.to/docker/book-review-operational-ai-with-docker-73d</link>
      <guid>https://dev.to/docker/book-review-operational-ai-with-docker-73d</guid>
      <description>&lt;p&gt;In my &lt;a href="https://www.dockersecurity.io/blog/docker-read-list-2026-q1" rel="noopener noreferrer"&gt;Q1 2026 Docker Read List&lt;/a&gt;, I dropped a little hint that I was involved in reviewing an exciting upcoming book for Q2. Well, the secret is finally out! I had the absolute honor of being a technical reviewer for &lt;em&gt;Operational AI with Docker&lt;/em&gt;, written by my friends and fellow experts &lt;strong&gt;Ajeet Singh Raina&lt;/strong&gt; and &lt;strong&gt;Harsh Manvar&lt;/strong&gt;.&lt;/p&gt;


&lt;div class="crayons-card c-embed text-styles text-styles--secondary"&gt;
    &lt;div class="c-embed__content"&gt;
        &lt;div class="c-embed__cover"&gt;
          &lt;a href="https://www.dockersecurity.io/blog/docker-read-list-2026-q1" class="c-link align-middle" rel="noopener noreferrer"&gt;
            &lt;img alt="" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Fblog-img%2Fdocker-read-list-2026-q1.png" height="447" class="m-0" width="800"&gt;
          &lt;/a&gt;
        &lt;/div&gt;
      &lt;div class="c-embed__body"&gt;
        &lt;h2 class="fs-xl lh-tight"&gt;
          &lt;a href="https://www.dockersecurity.io/blog/docker-read-list-2026-q1" rel="noopener noreferrer" class="c-link"&gt;
            The Complete Docker Read List: Q1 2026 Edition - Docker and Kubernetes Security - Docker and Kubernetes Security
          &lt;/a&gt;
        &lt;/h2&gt;
          &lt;p class="truncate-at-3"&gt;
            A curated reading list of the best books on Docker and Kubernetes for the first quarter of 2026, featuring releases from Docker Captains and industry experts.
          &lt;/p&gt;
        &lt;div class="color-secondary fs-s flex items-center"&gt;
            &lt;img alt="favicon" class="c-embed__favicon m-0 mr-2 radius-0" src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fwww.dockersecurity.io%2Ffavicon.ico" width="48" height="48"&gt;
          dockersecurity.io
        &lt;/div&gt;
      &lt;/div&gt;
    &lt;/div&gt;
&lt;/div&gt;


&lt;p&gt;I love a good narrative in my technical books. The authors definitely brought some drama to the text, which I absolutely loved about this book. I had the chance to review the last four chapters of the book, and would love to share some exclusive behind-the-scenes insights about the book, as well as my thoughts on it.&lt;/p&gt;

&lt;h2&gt;
  
  
  Authors
&lt;/h2&gt;

&lt;p&gt;Well, the authors need no introduction, but I'll still give you one.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Ajeet Singh Raina&lt;/strong&gt; was a Docker Captain for six years until he was hired by Docker as a Developer Advocate. He was my first point of contact when I started my journey in the Docker community, and we published three blog posts together on the Docker blog. He is an absolute legend, the man behind the Collabnix Community, and a great mentor to many in the container ecosystem.&lt;/p&gt;

&lt;p&gt;&lt;strong&gt;Harsh Manvar&lt;/strong&gt; is a Senior Software Engineer at Oracle, a Docker Captain, and a CNCF Ambassador. Similarly, he is also an absolute star in the Indian container ecosystem, and has been a great mentor to many in the community. I had the pleasure of meeting him in person at the Docker Captains Summit in 2025, when he shared with me his plans for the book, and I was immediately excited about it.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Book's Final Act: From MCP to KAgent
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Chapter 6&lt;/strong&gt;. The authors introduced the &lt;em&gt;Docker MCP Gateway&lt;/em&gt; flawlessly. Before getting into the details, they did a great job of setting the stage by showing exactly why we need a gateway, and why it is painful to connect different MCP servers directly. It's great that the authors let you feel the pain, instead of just telling you about it.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Chapters 7 and 8&lt;/strong&gt;. These chapters dive heavily into using AI agents and orchestrating multiple AI agents using Python. The chapters are packed with multiple examples and Docker Compose projects. The chapters might feel a bit overwhelming or tedious for readers, but it perfectly shows how one can use AI agents in a real-world scenario, and create a complex system that can solve a problem end-to-end. These two chapters are practically every Hollywood movie 70 minutes in, when it feels we're at impossible odds, and there is no way out.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Chapter 9&lt;/strong&gt;. The grand finale covers Docker Sandboxes, Docker Agent, and KAgent. Let me tell you, this is an awesome way to end the book. It suddenly becomes clear that any pain we had to endure in Chapter 8 was entirely intentional: it was just to make the out-of-the-box experience of Docker Agent and KAgent shine! Suddenly eagles come and Frodo is on his way to Valinor!&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Final Thoughts
&lt;/h2&gt;

&lt;p&gt;The book is purely practical, impossibly fresh, and skillfully dramatic. It teaches you the basics and the advanced features of Docker MCP, Docker Agent, and KAgent. It lets you feel the pain and the joy of better tools. It is a must-read for anyone interested in the future of AI and how it can be operationalized using Docker. It's a great read, sometimes a bit overwhelming, but always rewarding. You need it in your library, and you need to read it.&lt;/p&gt;

</description>
      <category>docker</category>
      <category>ai</category>
      <category>books</category>
    </item>
    <item>
      <title>Generating SBOM with Docker Scout</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Thu, 23 Apr 2026 18:40:34 +0000</pubDate>
      <link>https://dev.to/docker/generating-sbom-with-docker-scout-27eg</link>
      <guid>https://dev.to/docker/generating-sbom-with-docker-scout-27eg</guid>
      <description>&lt;p&gt;Knowing what's inside your container is the first step to securing it. In the first commando mission, we dockerized a Java 26 project using Docker Init. Now that we have an image, it's time to see what's actually in it.&lt;/p&gt;

&lt;h2&gt;
  
  
  The Mission: Who Lives in Asgard?
&lt;/h2&gt;

&lt;p&gt;Rothütle, the tactician of the Docker Commandos, asks Thor for a list of all Asgard residents. Why? Because you can't defend a city if you don't know who's inside. By getting this list, you can later cross-reference it with known threats and identify the shadows in disguise.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4p1st5ec20jpfc3nbc93.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F4p1st5ec20jpfc3nbc93.png" alt="Rothütle asking for the SBOM" width="800" height="537"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Requirements
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Docker Desktop that is not too old, or&lt;/li&gt;
&lt;li&gt;Docker Scout CLI plugin installed.&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;To make sure you have the Docker Scout plugin, run:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker scout &lt;span class="nt"&gt;--help&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  Generate the SBOM
&lt;/h2&gt;

&lt;p&gt;We'll use &lt;code&gt;docker scout sbom&lt;/code&gt; to peek inside our image. If you followed the previous post, you have an image built from your project. Let's assume you tagged it &lt;code&gt;hello-wowlrd:latest&lt;/code&gt;.&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker scout sbom hello-wowlrd:latest &lt;span class="nt"&gt;--format&lt;/span&gt; list
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The &lt;code&gt;--format list&lt;/code&gt; flag gives you a clean table of all the packages, their versions, and types (e.g., &lt;code&gt;deb&lt;/code&gt;, &lt;code&gt;maven&lt;/code&gt;).&lt;/p&gt;

&lt;h2&gt;
  
  
  Exporting to Standard Formats
&lt;/h2&gt;

&lt;p&gt;While a table is great for humans, tools prefer standard formats like SPDX or CycloneDX. Let's export our SBOM to a JSON file using the SPDX format:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker scout sbom hello-wowlrd:latest &lt;span class="nt"&gt;--format&lt;/span&gt; spdx &lt;span class="nt"&gt;--output&lt;/span&gt; sbom.spdx.json
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;If you investigate the file, you will see a detailed inventory:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;jq &lt;span class="nb"&gt;.&lt;/span&gt; sbom.spdx.json | less
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This file contains every package, its version, and its license—perfect for compliance and automated scanning. You can check available formats by running &lt;code&gt;docker scout sbom --help&lt;/code&gt;. Try exporting in CycloneDX format and compare it with the SPDX output!&lt;/p&gt;

&lt;h2&gt;
  
  
  Exercise: Comparing Base Images
&lt;/h2&gt;

&lt;p&gt;One of the best ways to understand the value of an SBOM is to compare different base images. For example, let's look at the difference between a standard Node.js image and its Alpine counterpart:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker scout sbom node:25 &lt;span class="nt"&gt;--format&lt;/span&gt; list
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Versus:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker scout sbom node:25-alpine &lt;span class="nt"&gt;--format&lt;/span&gt; list
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;You'll notice that the Alpine version is significantly smaller, with fewer packages. This is why "minimal base images" are a core tenet of container security—fewer residents mean fewer places for CVE monsters to hide.&lt;/p&gt;

&lt;h2&gt;
  
  
  What's Next?
&lt;/h2&gt;

&lt;p&gt;Now that we have our list of residents, the next mission is to find the monsters. In the next post, we'll use Docker Scout to scan for CVEs.&lt;/p&gt;

&lt;p&gt;Want the full mission? Visit &lt;a href="https://dev.to/commandos"&gt;Docker Commandos&lt;/a&gt; or &lt;a href="https://dev.to/contact"&gt;request a workshop&lt;/a&gt;.&lt;/p&gt;

</description>
      <category>docker</category>
      <category>commandos</category>
    </item>
    <item>
      <title>Dockerizing a Java 26 Project with Docker Init</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Tue, 31 Mar 2026 13:56:57 +0000</pubDate>
      <link>https://dev.to/docker/dockerizing-a-java-26-project-with-docker-init-2agp</link>
      <guid>https://dev.to/docker/dockerizing-a-java-26-project-with-docker-init-2agp</guid>
      <description>&lt;p&gt;Docker Init was introduced in Docker Desktop 4.27, before LLMs became the default answer to everything. It's a "smart" interactive wizard that analyzes your project and generates:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;A &lt;code&gt;Dockerfile&lt;/code&gt; (multi-stage, production-ready)&lt;/li&gt;
&lt;li&gt;A &lt;code&gt;compose.yaml&lt;/code&gt; file&lt;/li&gt;
&lt;li&gt;A &lt;code&gt;.dockerignore&lt;/code&gt; file&lt;/li&gt;
&lt;li&gt;A &lt;code&gt;README.Docker.md&lt;/code&gt; with build and run instructions&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;What makes it valuable is that it's deterministic—not a probabilistic guess. It produces the same correct output every time, following Docker's own best practices.&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk3zwizuxt2dwpgs2qufj.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fk3zwizuxt2dwpgs2qufj.png" alt="Docker Commandos setting up the command center" width="800" height="597"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;h2&gt;
  
  
  Technical Requirements
&lt;/h2&gt;

&lt;ul&gt;
&lt;li&gt;Docker Desktop 4.27 or later&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Create a New Project
&lt;/h2&gt;

&lt;p&gt;I'm using a Spring Boot project. Because it's early Spring now and I haven't touched one in a while—so let's go.&lt;/p&gt;

&lt;p&gt;Head to &lt;a href="https://start.spring.io/" rel="noopener noreferrer"&gt;start.spring.io&lt;/a&gt; and create a project with:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Project:&lt;/strong&gt; Maven&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Language:&lt;/strong&gt; Java&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Spring Boot:&lt;/strong&gt; 4.0.5 &lt;em&gt;(or whatever the latest stable is)&lt;/em&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Packaging:&lt;/strong&gt; Jar&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Java:&lt;/strong&gt; 26&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;I used these coordinates, but pick your own:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;Group:&lt;/strong&gt; io.dockersecurity&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Artifact:&lt;/strong&gt; hello-wowlrd&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Package Name:&lt;/strong&gt; io.dockersecurity.hello-wowlrd&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Download, unzip, and step into the directory:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;&lt;span class="nb"&gt;cd &lt;/span&gt;hello-wowlrd
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  Run Docker Init
&lt;/h2&gt;

&lt;p&gt;As my British friend say, "It's Docker, innit?"&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker init
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The interactive wizard detects your Java project automatically. Accept "Java", confirm the source directory and Java version, and enter the port:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight plaintext"&gt;&lt;code&gt;? What application platform does your project use? Java
? What's the relative directory (with a leading .) for your app? ./src
? What version of Java do you want to use? 26
? What port does your server listen on? 8080
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Docker Init generates four files. The one that matters most is the &lt;code&gt;Dockerfile&lt;/code&gt;:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight docker"&gt;&lt;code&gt;&lt;span class="c"&gt;# syntax=docker/dockerfile:1&lt;/span&gt;

&lt;span class="c"&gt;################################################################################&lt;/span&gt;
&lt;span class="c"&gt;# Stage 1: resolve and download dependencies&lt;/span&gt;
&lt;span class="k"&gt;FROM&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;eclipse-temurin:26-jdk-jammy&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="k"&gt;as&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;deps&lt;/span&gt;

&lt;span class="k"&gt;WORKDIR&lt;/span&gt;&lt;span class="s"&gt; /build&lt;/span&gt;

&lt;span class="k"&gt;COPY&lt;/span&gt;&lt;span class="s"&gt; --chmod=0755 mvnw mvnw&lt;/span&gt;
&lt;span class="k"&gt;COPY&lt;/span&gt;&lt;span class="s"&gt; .mvn/ .mvn/&lt;/span&gt;

&lt;span class="k"&gt;RUN &lt;/span&gt;&lt;span class="nt"&gt;--mount&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;type&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;bind&lt;/span&gt;,source&lt;span class="o"&gt;=&lt;/span&gt;pom.xml,target&lt;span class="o"&gt;=&lt;/span&gt;pom.xml &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--mount&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;type&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;cache,target&lt;span class="o"&gt;=&lt;/span&gt;/root/.m2 ./mvnw dependency:go-offline &lt;span class="nt"&gt;-DskipTests&lt;/span&gt;

&lt;span class="c"&gt;################################################################################&lt;/span&gt;
&lt;span class="c"&gt;# Stage 2: build the application&lt;/span&gt;
&lt;span class="k"&gt;FROM&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;deps&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="k"&gt;as&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;package&lt;/span&gt;

&lt;span class="k"&gt;WORKDIR&lt;/span&gt;&lt;span class="s"&gt; /build&lt;/span&gt;

&lt;span class="k"&gt;COPY&lt;/span&gt;&lt;span class="s"&gt; ./src src/&lt;/span&gt;
&lt;span class="k"&gt;RUN &lt;/span&gt;&lt;span class="nt"&gt;--mount&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;type&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;bind&lt;/span&gt;,source&lt;span class="o"&gt;=&lt;/span&gt;pom.xml,target&lt;span class="o"&gt;=&lt;/span&gt;pom.xml &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--mount&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;&lt;span class="nb"&gt;type&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;cache,target&lt;span class="o"&gt;=&lt;/span&gt;/root/.m2 &lt;span class="se"&gt;\
&lt;/span&gt;    ./mvnw package &lt;span class="nt"&gt;-DskipTests&lt;/span&gt; &lt;span class="o"&gt;&amp;amp;&amp;amp;&lt;/span&gt; &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nb"&gt;mv &lt;/span&gt;target/&lt;span class="si"&gt;$(&lt;/span&gt;./mvnw &lt;span class="nb"&gt;help&lt;/span&gt;:evaluate &lt;span class="nt"&gt;-Dexpression&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;project.artifactId &lt;span class="nt"&gt;-q&lt;/span&gt; &lt;span class="nt"&gt;-DforceStdout&lt;/span&gt;&lt;span class="si"&gt;)&lt;/span&gt;-&lt;span class="si"&gt;$(&lt;/span&gt;./mvnw &lt;span class="nb"&gt;help&lt;/span&gt;:evaluate &lt;span class="nt"&gt;-Dexpression&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;project.version &lt;span class="nt"&gt;-q&lt;/span&gt; &lt;span class="nt"&gt;-DforceStdout&lt;/span&gt;&lt;span class="si"&gt;)&lt;/span&gt;.jar target/app.jar

&lt;span class="c"&gt;################################################################################&lt;/span&gt;
&lt;span class="c"&gt;# Stage 3: extract Spring Boot layers&lt;/span&gt;
&lt;span class="k"&gt;FROM&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;package&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="k"&gt;as&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;extract&lt;/span&gt;

&lt;span class="k"&gt;WORKDIR&lt;/span&gt;&lt;span class="s"&gt; /build&lt;/span&gt;

&lt;span class="k"&gt;RUN &lt;/span&gt;java &lt;span class="nt"&gt;-Djarmode&lt;/span&gt;&lt;span class="o"&gt;=&lt;/span&gt;layertools &lt;span class="nt"&gt;-jar&lt;/span&gt; target/app.jar extract &lt;span class="nt"&gt;--destination&lt;/span&gt; target/extracted

&lt;span class="c"&gt;################################################################################&lt;/span&gt;
&lt;span class="c"&gt;# Stage 4: minimal runtime image&lt;/span&gt;
&lt;span class="k"&gt;FROM&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;eclipse-temurin:26-jre-jammy&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="k"&gt;AS&lt;/span&gt;&lt;span class="w"&gt; &lt;/span&gt;&lt;span class="s"&gt;final&lt;/span&gt;

&lt;span class="k"&gt;ARG&lt;/span&gt;&lt;span class="s"&gt; UID=10001&lt;/span&gt;
&lt;span class="k"&gt;RUN &lt;/span&gt;adduser &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--disabled-password&lt;/span&gt; &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--gecos&lt;/span&gt; &lt;span class="s2"&gt;""&lt;/span&gt; &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--home&lt;/span&gt; &lt;span class="s2"&gt;"/nonexistent"&lt;/span&gt; &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--shell&lt;/span&gt; &lt;span class="s2"&gt;"/sbin/nologin"&lt;/span&gt; &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--no-create-home&lt;/span&gt; &lt;span class="se"&gt;\
&lt;/span&gt;    &lt;span class="nt"&gt;--uid&lt;/span&gt; &lt;span class="s2"&gt;"&lt;/span&gt;&lt;span class="k"&gt;${&lt;/span&gt;&lt;span class="nv"&gt;UID&lt;/span&gt;&lt;span class="k"&gt;}&lt;/span&gt;&lt;span class="s2"&gt;"&lt;/span&gt; &lt;span class="se"&gt;\
&lt;/span&gt;    appuser
&lt;span class="k"&gt;USER&lt;/span&gt;&lt;span class="s"&gt; appuser&lt;/span&gt;

&lt;span class="k"&gt;COPY&lt;/span&gt;&lt;span class="s"&gt; --from=extract build/target/extracted/dependencies/ ./&lt;/span&gt;
&lt;span class="k"&gt;COPY&lt;/span&gt;&lt;span class="s"&gt; --from=extract build/target/extracted/spring-boot-loader/ ./&lt;/span&gt;
&lt;span class="k"&gt;COPY&lt;/span&gt;&lt;span class="s"&gt; --from=extract build/target/extracted/snapshot-dependencies/ ./&lt;/span&gt;
&lt;span class="k"&gt;COPY&lt;/span&gt;&lt;span class="s"&gt; --from=extract build/target/extracted/application/ ./&lt;/span&gt;

&lt;span class="k"&gt;EXPOSE&lt;/span&gt;&lt;span class="s"&gt; 8080&lt;/span&gt;

&lt;span class="k"&gt;ENTRYPOINT&lt;/span&gt;&lt;span class="s"&gt; [ "java", "org.springframework.boot.loader.launch.JarLauncher" ]&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;This is already a proper multi-stage build: separate stages for dependency resolution, compilation, layer extraction, and a minimal runtime image with a non-root user. Gord would approve.&lt;/p&gt;

&lt;h2&gt;
  
  
  A Note on Java 26 Base Images
&lt;/h2&gt;

&lt;p&gt;The generated Dockerfile references &lt;code&gt;eclipse-temurin:26-jdk-jammy&lt;/code&gt; and &lt;code&gt;eclipse-temurin:26-jre-jammy&lt;/code&gt;. Since Java 26 was just released, these Eclipse Temurin images may not be fully available on Docker Hub yet.&lt;/p&gt;

&lt;p&gt;Swap them out for SAP Machine images instead—SAP's free OpenJDK distribution ships Java 26 on Ubuntu 24.04 (Noble Numbat):&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;code&gt;sapmachine:26-jdk-ubuntu-noble&lt;/code&gt;&lt;/li&gt;
&lt;li&gt;&lt;code&gt;sapmachine:26-jre-ubuntu-noble&lt;/code&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;Find them on Docker Hub: &lt;a href="https://hub.docker.com/_/sapmachine" rel="noopener noreferrer"&gt;hub.docker.com/_/sapmachine&lt;/a&gt;. Just replace &lt;code&gt;eclipse-temurin&lt;/code&gt; with &lt;code&gt;sapmachine&lt;/code&gt; in both &lt;code&gt;FROM&lt;/code&gt; lines.&lt;/p&gt;

&lt;h2&gt;
  
  
  Build and Run
&lt;/h2&gt;



&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker compose up &lt;span class="nt"&gt;--build&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The generated &lt;code&gt;compose.yaml&lt;/code&gt; is minimal:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight yaml"&gt;&lt;code&gt;&lt;span class="na"&gt;services&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
  &lt;span class="na"&gt;server&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
    &lt;span class="na"&gt;build&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="na"&gt;context&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt; &lt;span class="s"&gt;.&lt;/span&gt;
    &lt;span class="na"&gt;ports&lt;/span&gt;&lt;span class="pi"&gt;:&lt;/span&gt;
      &lt;span class="pi"&gt;-&lt;/span&gt; &lt;span class="s"&gt;8080:8080&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;The application starts, and immediately stops with exit code 0. That's expected: there's no HTTP endpoint to keep it alive.&lt;/p&gt;

&lt;h2&gt;
  
  
  Add a Controller
&lt;/h2&gt;

&lt;p&gt;Create &lt;code&gt;src/main/java/io/dockersecurity/hellowowlrd/HelloController.java&lt;/code&gt;:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight java"&gt;&lt;code&gt;&lt;span class="kn"&gt;package&lt;/span&gt; &lt;span class="nn"&gt;io.dockersecurity.hellowowlrd&lt;/span&gt;&lt;span class="o"&gt;;&lt;/span&gt;

&lt;span class="kn"&gt;import&lt;/span&gt; &lt;span class="nn"&gt;org.springframework.web.bind.annotation.GetMapping&lt;/span&gt;&lt;span class="o"&gt;;&lt;/span&gt;
&lt;span class="kn"&gt;import&lt;/span&gt; &lt;span class="nn"&gt;org.springframework.web.bind.annotation.RestController&lt;/span&gt;&lt;span class="o"&gt;;&lt;/span&gt;

&lt;span class="nd"&gt;@RestController&lt;/span&gt;
&lt;span class="kd"&gt;public&lt;/span&gt; &lt;span class="kd"&gt;class&lt;/span&gt; &lt;span class="nc"&gt;HelloController&lt;/span&gt; &lt;span class="o"&gt;{&lt;/span&gt;

    &lt;span class="nd"&gt;@GetMapping&lt;/span&gt;&lt;span class="o"&gt;(&lt;/span&gt;&lt;span class="s"&gt;"/"&lt;/span&gt;&lt;span class="o"&gt;)&lt;/span&gt;
    &lt;span class="kd"&gt;public&lt;/span&gt; &lt;span class="nc"&gt;String&lt;/span&gt; &lt;span class="nf"&gt;hello&lt;/span&gt;&lt;span class="o"&gt;()&lt;/span&gt; &lt;span class="o"&gt;{&lt;/span&gt;
        &lt;span class="k"&gt;return&lt;/span&gt; &lt;span class="s"&gt;"Hello, Docker Security!"&lt;/span&gt;&lt;span class="o"&gt;;&lt;/span&gt;
    &lt;span class="o"&gt;}&lt;/span&gt;
&lt;span class="o"&gt;}&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Add the Spring Web dependency to &lt;code&gt;pom.xml&lt;/code&gt;:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight xml"&gt;&lt;code&gt;&lt;span class="nt"&gt;&amp;lt;dependency&amp;gt;&lt;/span&gt;
    &lt;span class="nt"&gt;&amp;lt;groupId&amp;gt;&lt;/span&gt;org.springframework.boot&lt;span class="nt"&gt;&amp;lt;/groupId&amp;gt;&lt;/span&gt;
    &lt;span class="nt"&gt;&amp;lt;artifactId&amp;gt;&lt;/span&gt;spring-boot-starter-web&lt;span class="nt"&gt;&amp;lt;/artifactId&amp;gt;&lt;/span&gt;
&lt;span class="nt"&gt;&amp;lt;/dependency&amp;gt;&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Build and run again:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;docker compose up &lt;span class="nt"&gt;--build&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;p&gt;Verify:&lt;br&gt;
&lt;/p&gt;

&lt;div class="highlight js-code-highlight"&gt;
&lt;pre class="highlight shell"&gt;&lt;code&gt;curl http://localhost:8080
&lt;span class="c"&gt;# Hello, Docker Security!&lt;/span&gt;
&lt;/code&gt;&lt;/pre&gt;

&lt;/div&gt;



&lt;h2&gt;
  
  
  See It Live — Jfokus 2026
&lt;/h2&gt;

&lt;p&gt;I presented Docker Init and Docker security at Jfokus in Stockholm in February 2026. If you want to see the commands in action rather than reading about them, the full talk is on YouTube:&lt;/p&gt;

&lt;p&gt;  &lt;iframe src="https://www.youtube.com/embed/_SXz9TSz93w"&gt;
  &lt;/iframe&gt;
&lt;/p&gt;

&lt;h2&gt;
  
  
  More Links
&lt;/h2&gt;

&lt;p&gt;Docker Init supports more than Java. If you want to try it with other languages, Docker's official guides are the place to start: &lt;a href="https://docs.docker.com/guides/" rel="noopener noreferrer"&gt;docs.docker.com/guides&lt;/a&gt;.&lt;/p&gt;

&lt;p&gt;I co-authored the C++ guide—Docker thanked me for it at the top of the page, which means I wrote those words and then thanked myself on their behalf. Worth a read:&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://docs.docker.com/guides/cpp/" rel="noopener noreferrer"&gt;docs.docker.com/guides/cpp&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;

&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;Java 26 just shipped and Docker Init handles it cleanly out of the box—multi-stage build, layer extraction, non-root user, bind mounts for caching. You get a production-ready Dockerfile in under a minute. When Eclipse Temurin catches up, swap the base images back. Until then, SAP Machine has you covered.&lt;/p&gt;

&lt;p&gt;Docker Init is Gord's move. The rest of the Commandos handle what comes after.&lt;/p&gt;




&lt;h2&gt;
  
  
  The Docker Commandos
&lt;/h2&gt;

&lt;p&gt;Docker Init is assigned to &lt;strong&gt;Commando 1: Gord&lt;/strong&gt;. In the Docker Commandos workshop, each Docker security feature is taught through a character on a mission to defend Asgard from CVE monsters. The ten commandos are:&lt;/p&gt;

&lt;ol&gt;
&lt;li&gt;
&lt;strong&gt;Gord&lt;/strong&gt; — &lt;code&gt;docker init&lt;/code&gt;: establish a secure base from day one ← &lt;em&gt;you are here&lt;/em&gt;
&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Rothütle&lt;/strong&gt; — SBOM: inventory every dependency in your image&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Jack&lt;/strong&gt; — Docker Scout: hunt CVEs across your supply chain&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;The Valkyrie&lt;/strong&gt; — SBOM Attestations: cryptographically sign your component inventory&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Artemisia&lt;/strong&gt; — Docker Hardened Images: near-zero-CVE base images&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Mina&lt;/strong&gt; — VEX Exemptions: mark false-positive CVEs as not exploitable&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;RuinTan&lt;/strong&gt; — VEX Attestations: attach signed exemptions to your image&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Captain Ahab&lt;/strong&gt; — Docker Bake: codify your entire build pipeline in one file&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Evie&lt;/strong&gt; — Cosign: sign images and attestations cryptographically&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Agent Null&lt;/strong&gt; — Zero-Day Defense: harden against unknown, unpatched threats&lt;/li&gt;
&lt;/ol&gt;

&lt;p&gt;The workshop has been delivered at WeAreDevelopers World Congress, Jfokus, and Rabobank. More at &lt;a href="https://dockersecurity.io/commandos" rel="noopener noreferrer"&gt;dockersecurity.io/commandos&lt;/a&gt;.&lt;/p&gt;

</description>
      <category>docker</category>
      <category>java</category>
      <category>commandos</category>
    </item>
    <item>
      <title>The Complete Docker Read List: Q1 2026 Edition</title>
      <dc:creator>Mohammad-Ali A'RÂBI</dc:creator>
      <pubDate>Thu, 26 Mar 2026 17:21:39 +0000</pubDate>
      <link>https://dev.to/docker/the-complete-docker-read-list-q1-2026-edition-3gg8</link>
      <guid>https://dev.to/docker/the-complete-docker-read-list-q1-2026-edition-3gg8</guid>
      <description>&lt;p&gt;2026 has been phenomenal in the number of books published on Docker or by Docker Captains so far. So, I decided to compile the books published in the first quarter of 2026 into an article for more people to discover them.&lt;/p&gt;

&lt;p&gt;You can also read the article &lt;a href="https://www.dockersecurity.io/blog/docker-read-list-2026-q1" rel="noopener noreferrer"&gt;here&lt;/a&gt;, which looks slightly better.&lt;/p&gt;




&lt;h2&gt;
  
  
  1️⃣ Black Forest Shadow: A Dark Fantasy Guide to Docker and Kubernetes Security
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Author:&lt;/strong&gt; Mohammad-Ali A'râbi (Docker Captain)&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fby2euj9690nmf0ynp36d.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fby2euj9690nmf0ynp36d.jpg" alt="Black Forest Shadow book cover" width="680" height="1020"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;blockquote&gt;
&lt;p&gt;If you've ever thought learning about Kubernetes and container hardening was a bit dry, Mohammad-Ali A'râbi is here to prove you wrong. &lt;em&gt;Black Forest Shadow&lt;/em&gt; is a highly creative, dark fantasy guide to Docker and Kubernetes security.&lt;/p&gt;

&lt;p&gt;—Claude&lt;/p&gt;
&lt;/blockquote&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; The book weaves complex concepts like runtime security, SBOM generation, and container hardening into an exciting narrative set in the mystical Black Forest of 1865.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; It transforms standard cybersecurity challenges—like tracking down CVEs and preventing lateral movement—into an immersive, story-driven adventure. It's ideal for developers and security engineers seeking a distinctive, memorable approach to DevSecOps.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://buy.dockersecurity.io" rel="noopener noreferrer"&gt;DockerSecurity.io&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://DockerSecurity.io/amz/bfs" rel="noopener noreferrer"&gt;Amazon&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://www.thalia.de/shop/home/artikeldetails/A1078659350" rel="noopener noreferrer"&gt;Thalia&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://www.hugendubel.de/de/taschenbuch/mohammad_ali_a_rabi-black_forest_shadow-52778151-produkt-details.html" rel="noopener noreferrer"&gt;Hugendubel&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h2&gt;
  
  
  2️⃣ The Rust Programming Handbook: An End-to-end Guide to Mastering Rust Fundamentals
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Author:&lt;/strong&gt; Francesco Ciulla (Docker Captain)&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F97qvqlgkns2cryqnax9x.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F97qvqlgkns2cryqnax9x.jpg" alt="The Rust Programming Handbook book cover" width="800" height="986"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Rust is the new C, and it's been on my list for 5 years now. Now, finally, I know which book to read to learn it. Written by my dear friend and fellow Docker Captain, Francesco Ciulla, who has been teaching Rust for many years now.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; This handbook takes you from foundational syntax to advanced features like memory safety and concurrency models. Crucially for this list, it includes dedicated, hands-on sections on Dockerizing and deploying your Rust applications!&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; It bridges the gap between beginner tutorials and production-ready coding for low-level system components or high-performance web services.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://www.packtpub.com/en-us/product/the-rust-programming-handbook-9781836208860" rel="noopener noreferrer"&gt;Packt Publishing&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://www.walmart.com/ip/The-Rust-Programming-Handbook-An-end-to-end-guide-to-mastering-Rust-fundamentals-Paperback-9781836208877/19000900376" rel="noopener noreferrer"&gt;Walmart&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h2&gt;
  
  
  3️⃣ Docker for Front-end Developers (Featuring React.js)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Author:&lt;/strong&gt; Kristiyan Velkov (Docker Captain)&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcm2iyi46tzclgn1ejpk0.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fcm2iyi46tzclgn1ejpk0.jpg" alt="Docker for Front-end Developers book cover" width="640" height="837"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Front-end developers, rejoice! As a backend engineer, it has always been hard for me to onboard frontend people to Docker, because I spoke Klingon for them. My dear friend, Docker Captain Kristiyan Velkov, has done an awesome job writing a containerization guide specifically tailored to how front-end engineers think, build, and ship. I should say, it also looks good.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; Moving past backend-centric explanations, this book walks you through containerizing real-world applications (with a heavy focus on React). You'll learn how to write clean Dockerfiles, configure NGINX properly, implement multi-stage builds, and handle caching securely.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; It's a purely practical, visually-driven guide that teaches you how to take full ownership of your environments without getting bogged down in abstract backend theory.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://www.dockerfrontend.com/" rel="noopener noreferrer"&gt;Official website&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://leanpub.com/docker-reactjs" rel="noopener noreferrer"&gt;Leanpub&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://kristiyanvelkov.com/b/docker-for-reactjs-developers" rel="noopener noreferrer"&gt;Author's Website&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h2&gt;
  
  
  4️⃣ The Ultimate Docker Container Book (Fourth Edition)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Author:&lt;/strong&gt; Dr. Gabriel N. Schenker&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyusiyhwdhrl4a7j5nvh5.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fyusiyhwdhrl4a7j5nvh5.jpg" alt="The Ultimate Docker Container Book cover" width="800" height="986"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Hitting shelves on March 31, 2026, this absolute heavyweight of a book clocks in at over 750 pages and leaves no stone unturned. Jeez, I need an extra bookshelf just for this book's weight.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; It takes you from basic container concepts all the way to running production-grade platforms. The fourth edition places a massive new emphasis on security, enterprise governance, compliance, and AI-driven automation patterns.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; It is designed for system administrators, DevOps engineers, and architects who need to build and scale secure, future-ready container platforms across major cloud providers.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://www.packtpub.com/en-be/product/the-ultimate-docker-container-book-9781805804390" rel="noopener noreferrer"&gt;Packt Publishing&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h2&gt;
  
  
  5️⃣ Docker: Das Praxisbuch für Entwickler und DevOps-Teams (5th Edition)
&lt;/h2&gt;

&lt;p&gt;&lt;strong&gt;Authors:&lt;/strong&gt; Bernd Öggl &amp;amp; Michael Kofler&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F47a7f73aeecmkcfud9cl.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F47a7f73aeecmkcfud9cl.png" alt="Docker Das Praxisbuch book cover" width="565" height="800"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;For the German-speaking tech community, the definitive Docker reference guide gets a major Q1 2026 update.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; A comprehensive, 580+ page practical guide covering everything from setting up Docker to CI/CD pipelines, GitLab integration, Swarm, and Kubernetes orchestration.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; It's an excellent, hands-on resource that balances basic principles with advanced, modern use cases like modernizing legacy applications and working with specialized databases.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://www.rheinwerk-verlag.de/docker-das-praxisbuch-fuer-entwickler-und-devops-teams/" rel="noopener noreferrer"&gt;Rheinwerk Verlag&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h2&gt;
  
  
  Honorable Mentions from 2025
&lt;/h2&gt;

&lt;p&gt;Well, while researching the new 2026 Docker books, I stumbled upon a recent video by Bret Fisher interviewing the author of a rather interesting book. That inspired me to add this honorable mentions section. I promise my original intention wasn't to sneak my own book in here, but hey, it just happened!&lt;/p&gt;

&lt;h3&gt;
  
  
  Learn Docker in a Month of Lunches (Second Edition)
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Author:&lt;/strong&gt; Elton Stoneman&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fytaopwmeln2pbmceqpfr.png" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fytaopwmeln2pbmceqpfr.png" alt="Learn Docker in a Month of Lunches book cover" width="360" height="451"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Published in 2025, this is the much-anticipated update to one of the most beloved Docker books on the market.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; A complete refresh of the classic guide. It breaks down Docker fundamentals into digestible, daily lessons. This edition covers multi-platform builds, the latest cloud container services, and navigating the modern Kubernetes ecosystem.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; If you are a beginner looking for a structured, manageable way to learn—or an experienced dev needing to catch up on years of ecosystem changes—this is the gold standard.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://www.manning.com/" rel="noopener noreferrer"&gt;Manning Publications&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h3&gt;
  
  
  Getting Started with Docker (2025 Edition)
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Author:&lt;/strong&gt; Nigel Poulton (Docker Captain)&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7upkb6g6wxq9uxd6ucyj.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2F7upkb6g6wxq9uxd6ucyj.jpg" alt="Getting Started with Docker book cover" width="640" height="831"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;Nigel Poulton's fast-paced introduction to Docker received a significant 2025 update, adding a dedicated chapter on running local LLMs with Docker Model Runner — including building a multi-container chatbot app.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; A streamlined, hands-on guide to container fundamentals, Docker Compose, and microservices — now with a practical AI chapter for developers who want to run models locally.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; It's the quickest path from zero to productive with Docker, and the new AI content makes it uniquely relevant for 2025 and beyond.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://leanpub.com/gsd" rel="noopener noreferrer"&gt;Leanpub&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h3&gt;
  
  
  Docker and Kubernetes Security
&lt;/h3&gt;

&lt;p&gt;&lt;strong&gt;Author:&lt;/strong&gt; Mohammad-Ali A'râbi (Docker Captain)&lt;/p&gt;

&lt;p&gt;&lt;a href="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa5p1waauyl3hgera887u.jpg" class="article-body-image-wrapper"&gt;&lt;img src="https://media2.dev.to/dynamic/image/width=800%2Cheight=%2Cfit=scale-down%2Cgravity=auto%2Cformat=auto/https%3A%2F%2Fdev-to-uploads.s3.amazonaws.com%2Fuploads%2Farticles%2Fa5p1waauyl3hgera887u.jpg" alt="Docker and Kubernetes Security book cover" width="640" height="793"&gt;&lt;/a&gt;&lt;/p&gt;

&lt;p&gt;A DevOps Dozen 2025 finalist for Best DevOps Book of the Year, this practical guide covers container security across the full development lifecycle—from build to production.&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;
&lt;strong&gt;What it's about:&lt;/strong&gt; Ten chapters spanning supply chain security (SBOMs, OCI 1.1 attestations, vulnerability scanning with Docker Scout, Trivy, and Snyk) and runtime protection with Falco, RBAC, and Kubernetes pod security.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Why you should read it:&lt;/strong&gt; It is the most comprehensive hands-on resource available for teams serious about securing their container platforms end-to-end.&lt;/li&gt;
&lt;li&gt;
&lt;strong&gt;Where to get it:&lt;/strong&gt;

&lt;ul&gt;
&lt;li&gt;&lt;a href="https://buy.dockersecurity.io" rel="noopener noreferrer"&gt;DockerSecurity.io&lt;/a&gt;&lt;/li&gt;
&lt;li&gt;&lt;a href="https://buy.dockersecurity.io/amz/dks" rel="noopener noreferrer"&gt;Amazon&lt;/a&gt;&lt;/li&gt;
&lt;/ul&gt;


&lt;/li&gt;

&lt;/ul&gt;

&lt;h2&gt;
  
  
  Conclusion
&lt;/h2&gt;

&lt;p&gt;The Docker and Kubernetes ecosystem has never had a stronger reading list, to be &lt;em&gt;completely&lt;/em&gt; humble! From dark fantasy security guides to hands-on Rust handbooks and front-end containerization primers, Q1 2026 proves that the community is producing more creative, accessible, and production-focused material than ever before.&lt;/p&gt;

&lt;p&gt;Stay tuned as more books are coming in Q2. I'm involved in reviewing one of them, so I'm excited for the quarter to come.&lt;/p&gt;

&lt;p&gt;&lt;em&gt;Have a book that should be on this list? Leave a comment.&lt;/em&gt;&lt;/p&gt;

</description>
      <category>docker</category>
      <category>books</category>
    </item>
    <item>
      <title>Docker Just Made Hardened Images Free for Everyone – Let's Check Them Out!</title>
      <dc:creator>Anil Kumar Moka</dc:creator>
      <pubDate>Mon, 29 Dec 2025 02:03:18 +0000</pubDate>
      <link>https://dev.to/docker/docker-just-made-hardened-images-free-for-everyone-lets-check-them-out-499h</link>
      <guid>https://dev.to/docker/docker-just-made-hardened-images-free-for-everyone-lets-check-them-out-499h</guid>
      <description>&lt;p&gt;Hey everyone! If you're like me and spend a lot of time building and deploying containers, you've probably worried about security at some point. Supply chain attacks are no joke these days, and starting with a solid, secure base can make a huge difference. That's why I'm super excited about the recent news from Docker: they've made Docker Hardened Images (DHI) completely free and open source for all developers!Back in May 2025, Docker launched these hardened images as a way to give us minimal, secure, production-ready bases. And just a couple weeks ago (December 17, 2025), they announced that the whole catalog – over 1,000 images and Helm charts – is now free, under Apache 2.0. No subscriptions needed for the basics, no restrictions, no gotchas. This feels like a game-changer for making secure containers the default instead of an afterthought.Let me break it down for you based on the official blog post and docs, and share some practical ways you can start using them today.&lt;/p&gt;

&lt;h2&gt;
  
  
  What Are Docker Hardened Images?
&lt;/h2&gt;

&lt;p&gt;In simple terms, DHI are container images that Docker maintains with security front and center. They're built on familiar bases like Alpine and Debian, but stripped down to the essentials. No unnecessary shells, compilers, or package managers that could open up attack vectors.The result? &lt;br&gt;
Images up to 95% smaller&lt;/p&gt;

&lt;ul&gt;
&lt;li&gt;Way fewer CVEs (they aim for near-zero)&lt;/li&gt;
&lt;li&gt;Secure defaults, like running as non-root&lt;/li&gt;
&lt;li&gt;Full transparency with SBOMs (software bill of materials), &lt;/li&gt;
&lt;li&gt;SLSA Level 3 provenance, and no hidden vulnerabilities&lt;/li&gt;
&lt;/ul&gt;

&lt;p&gt;They're inspired by distroless ideas but keep enough tools so you don't have to fight with them in real workflows. And unlike some proprietary options, these are open, compatible with what you're already using, and easy to adopt.&lt;/p&gt;

&lt;p&gt;There's a free tier for everyone, and an Enterprise version if you need extras like FIPS compliance, customizations, or super-fast patching SLAs.&lt;/p&gt;

&lt;h2&gt;
  
  
  Why This Matters (And Why Now)
&lt;/h2&gt;

&lt;p&gt;Supply chain attacks are exploding – projected to cost $60 billion this year alone. A lot of that risk comes from bloated base images pulling in stuff your app doesn't need. By starting with a hardened image, you're shrinking that attack surface right from the first docker build.Docker's basically saying: let's make secure-by-default the new normal. And with partnerships from folks like Google, MongoDB, and CNCF, plus companies like Adobe and Qualcomm already using them, it seems like it's catching on fast.&lt;/p&gt;

&lt;h2&gt;
  
  
  How to Get Started – It's Super Easy
&lt;/h2&gt;

&lt;p&gt;Head over to the catalog on Docker Hub: &lt;a href="https://hub.docker.com/hardened-images/catalog" rel="noopener noreferrer"&gt;https://hub.docker.com/hardened-images/catalog&lt;/a&gt; (you might need to sign in with your Docker ID).Or pull directly from dhi.io. &lt;/p&gt;

&lt;p&gt;For example, let's try a Python one:bash&lt;/p&gt;

&lt;p&gt;&lt;code&gt;docker pull dhi.io/python:3.13&lt;br&gt;
&lt;/code&gt;&lt;br&gt;
Then run something simple:bash&lt;/p&gt;

&lt;p&gt;&lt;code&gt;docker run --rm dhi.io/python:3.13 python -c "print('Hello from a hardened image!')"&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;In your Dockerfile, just swap the base:&lt;/p&gt;

&lt;p&gt;&lt;code&gt;FROM dhi.io/python:3.13&lt;br&gt;
COPY . /app&lt;br&gt;
WORKDIR /app&lt;br&gt;
CMD ["python", "app.py"]&lt;/code&gt;&lt;/p&gt;

&lt;p&gt;They work great in CI/CD too. And if you're on Kubernetes, check out the open source Hardened Helm Charts.&lt;br&gt;
Pro tip from the docs: These images are minimal on purpose, so no shell by default in runtime variants. Use multi-stage builds – compile in a -dev or -sdk tag, then copy to the slim runtime one.&lt;/p&gt;

&lt;h2&gt;
  
  
  Some Practical Use Cases I Can See
&lt;/h2&gt;

&lt;p&gt;Imagine you're building a Node.js API for a startup. Instead of starting with the regular node image (which has extra stuff), switch to a hardened one. Smaller images mean faster deploys, fewer vulnerabilities to scan, and you sleep better knowing it's locked down.&lt;/p&gt;

&lt;p&gt;Or say you're deploying MongoDB in prod. Docker has hardened versions of popular MCP servers like Mongo, Grafana, and more. Drop one in, and you've got a secure foundation without rolling your own hardening scripts.&lt;/p&gt;

&lt;p&gt;For teams in regulated spaces (finance, healthcare), the free versions already give huge wins on CVEs and size. Upgrade to Enterprise if you need FIPS or extended support after upstream EOL.Even for personal projects or learning, why not start secure? It costs nothing extra now.&lt;/p&gt;

&lt;p&gt;This move by Docker feels huge, putting hardened, transparent images in everyone's hands for free. If you've been putting off tightening up your container security, now's the perfect time to jump in. Go browse the catalog, pull a couple images, and see the difference yourself. Planning to switch any of your projects over? Drop a comment if you've tried them already!&lt;/p&gt;

</description>
      <category>docker</category>
      <category>security</category>
      <category>devops</category>
      <category>opensource</category>
    </item>
  </channel>
</rss>
