Docker, Inc

Gordon is now generally available. Docker’s AI agent reads your running containers, logs, and Compose files. It already knows your environment. Gordon traces failures, proposes fixes, and takes action with your approval, at every step.  Built into Docker Desktop and the CLI. Free with every Docker account. Your coding assistant helps you write code. Gordon helps you ship it. Try it →

“The laptop is the new production. The agent is the new workload. The runtime is the new control plane.” As agents move from autocomplete to taking real action across repos, APIs, and internal systems, governance can’t stop at the cluster or the cloud perimeter anymore. If you’re trying to figure out how to safely deploy agents across engineering teams without losing visibility or control, this gets into why runtime-level policy, sandboxing, and MCP governance are becoming foundational. Forbes just covered our Docker AI Governance announcement and the shift happening underneath enterprise AI adoption: https://bit.ly/3PaW2r9

Most teams think safety slows things down. This conversation flips that idea. In this conversation from Global AI Community's ‘Silicon Minds, Human Hearts’, with Sammy Deprez, Docker COO Mark Cavage explains how safety can actually enable speed, especially as agents start running autonomously. When you can trust the environment, you can let agents run longer, move faster, and do more without constant interruption. If you’re thinking about how to move faster without losing control, check out the full discussion: https://lnkd.in/exhpD3Sx

On April 15, NIST stopped adding CVSS scores and CPE mappings to most CVEs in the National Vulnerability Database. If your team uses NVD to prioritize vulnerabilities, you now have less data to work with than before. This affects your compliance posture, especially if you're indexing on NVD feeds. Docker Hardened Images and Docker Scout pull from 22 advisory sources and match vulnerabilities using Package URLs. No dependency on NVD enrichment. Here's what changed and what to do about it:

Running Claude Code locally is only part of the story. Once you connect it to real tools and let it take action, installing packages, modifying files, interacting with systems, you need to think about where it’s running and what it can access. This guide walks through how to: - Run open-weight models locally - Connect to real tools with MCP - Safely give agents autonomy inside sandboxes The combination is what makes agents usable in real workflows, not just demos. Read → https://bit.ly/437fatd

AI workflows are moving faster than the systems teams use to review, secure, and ship them. This issue of the Docker Navigator newsletter looks at what breaks and how teams are adapting: - Hardening images without breaking developer workflows - Isolating workloads beyond containers - Responding to supply chain attacks in real time - Moving from blocked deployments to production-ready systems If you’re working through these challenges today, this issue brings together how teams are actually solving them. Read more →

Not all isolation models are built for agents. This post from Docker Captain Siri Varma Vegiraju walks through what happens when you try to run agents across different environments, chroot, systemd-nspawn, containers, VMs, gVisor, and microVMs, and where each one holds up or falls apart. The takeaway is pretty clear: once agents can install, mutate, and execute freely, most traditional assumptions around isolation start to break. If you’re thinking about how to run agents safely, this is a practical comparison worth reading. Read →

AI can help you ship faster, but what happens when you don’t fully trust the code it writes? In this episode of Ship Happens, Per Ploug Krogslund sits down with Ivar Conradi Østhus (CTO and creator of Unleash) to explore how teams are adapting as speed increases, but control becomes harder to maintain. They get into: - Why deploying daily is now table stakes for modern teams - How AI is accelerating development and increasing risk - The importance of using feature flags act as a safety net for production - How “feature ops” helps teams learn faster, not just ship faster One key idea: every change is an experiment, but production is where you learn what actually works. Watch the full episode → https://lnkd.in/dUS6qsvu

Letting agents run freely sounds great… until they start changing everything. In this episode of Data Science Dojo's ‘Future of Data and AI’, hosted by Raja Iqbal, Docker COO Mark Cavage explains why containers alone aren’t enough once agents start installing packages, mutating environments, and executing tasks end to end. The core idea: agents need freedom to work, but infrastructure has to define the boundary. Watch the full conversation to see why sandboxing is becoming a requirement for real agent workflows → https://bit.ly/4uDFPtl