Docker Scout vs Trivy on DHI
Docker Hardened Images through Docker Scout and Trivy in six different configurations on AWS EC2. Scout reported 0–3 CVEs. Trivy reported 10–62. After finding the …
← All Posts
Docker
Docker Hardened Images: The 2026 Architect’s Guide to Supply Chain Compliance
In 2026, a 'Standard' image is a liability. Here’s why Docker Hardened Images are becoming the mandatory baseline for the modern supply chain
How Docker Sandboxes works?: Let Agents Run Free.
Claude Code, Gemini CLI, Codex — every AI coding agent you use right now can wreck your host machine. Docker Sandboxes puts a microVM between …
How to Isolate containers with a user namespace
Your container process thinks it's root. Your host doesn't care. 🔐 By default, UID 0 inside a Docker container is the SAME UID 0 on …
Docker Security: The Bugs That Tried to Ruin Your Day
Docker actually noticed to have attracted security review and publicly disclosed vulnerabilities. In all likelihood, the bugs that haven't been reported far outnumber those that …
How a Linux Security Module silently guards your containers
What is AppArmor?Let me be direct with you. I've been running containerized workloads in production for over 4 years. In that time, I've seen everything …
Docker Security 101: Your Container Is Running as Root and You Don't Even Know It
I've been running containers in production for 4 years, and I'll be real with you: Docker's default configuration is terrifyingly permissive. It's one of those …
How to Find and Fix Dockerfile Security Issues with Hadolint
How to use Hadolint to lint Dockerfiles, catch security issues and anti-patterns before build, fix common mistakes (version pinning, non-root users, exec-form CMD), and integrate …