-
Mar 31, 2026
Docker Sandboxes: Run Agents in YOLO Mode, Safely
Agents have crossed a threshold. Over a quarter of all production code is now AI-authored, and developers who use agents are merging roughly 60% more pull requests. But these gains only come when you let agents run autonomously. And to unlock that, you have to get out of the way. That means letting agents run…
Eric Jia,
Srini Sekaran,
and
Timir Karia
Read now
-
Apr 30, 2026
From Security Blocked to Prod Ready: ClickHouse on Docker Hardened Images
Learn how Docker Hardened Images help run ClickHouse in production by reducing CVEs and improving container security without changing your workflow.
Ajeet Singh Raina
and
Siddhant Agarwal
Read now
-
Apr 23, 2026
Trivy, KICS, and the shape of supply chain attacks so far in 2026
We caught a malicious image pushed to checkmarx/kics on Docker Hub, the image was quarantined, and we coordinated response with Socket and Checkmarx. This blog walks through what happened and why we believe open, fast collaboration is the key to responding to this new pattern of emerging supply chain attacks.
Read now
-
Apr 16, 2026
Why MicroVMs: The Architecture Behind Docker Sandboxes
Last week, we launched Docker Sandboxes with a bold goal: to deliver the strongest agent isolation in the market. This post unpacks that claim, how microVMs enable it, and some of the architectural choices we made in this approach. The Problem With Every Other Approach Every sandboxing model asks you to give something up. We…
Srini Sekaran
and
Craig Gumbley
Read now