-
Mar 31, 2026
Docker Sandboxes: Run Agents in YOLO Mode, Safely
Agents have crossed a threshold. Over a quarter of all production code is now AI-authored, and developers who use agents are merging roughly 60% more pull requests. But these gains only come when you let agents run autonomously. And to unlock that, you have to get out of the way. That means letting agents run…
Eric Jia,
Srini Sekaran,
and
Timir Karia
Read now
-
Apr 23, 2026
Trivy, KICS, and the shape of supply chain attacks so far in 2026
We caught a malicious image pushed to checkmarx/kics on Docker Hub, the image was quarantined, and we coordinated response with Socket and Checkmarx. This blog walks through what happened and why we believe open, fast collaboration is the key to responding to this new pattern of emerging supply chain attacks.
Read now
-
Apr 16, 2026
Why MicroVMs: The Architecture Behind Docker Sandboxes
Last week, we launched Docker Sandboxes with a bold goal: to deliver the strongest agent isolation in the market. This post unpacks that claim, how microVMs enable it, and some of the architectural choices we made in this approach. The Problem With Every Other Approach Every sandboxing model asks you to give something up. We…
Srini Sekaran
and
Craig Gumbley
Read now
-
Apr 14, 2026
Why We Chose the Harder Path: Docker Hardened Images, One Year Later
We’re coming up on a year since launching Docker Hardened Images (DHI) this May, and in this blog we celebrate the milestones, talk about our approach, and look at some practices in the industry.
Read now