In this post, we give our assessment of GitHub Container Registry. Minus a few surprises with the Docker v2 APIs, we think the overall user experience was a big improvement.
In this post, we give our assessment of GitHub Container Registry. Minus a few surprises with the Docker v2 APIs, we think the overall user experience was a big improvement.
Instead of drowning in a sea of reported vulnerabilities, see how each pull request will affect the overall security risk of a project and block changes that add new critical vulnerabilities, moving steadily toward more secure applications.
Instead of drowning in a sea of reported vulnerabilities, see how each pull request will affect the overall security risk of a project and block changes that add new critical vulnerabilities, moving steadily toward more secure applications.
Today we shipped an early access version of our new Docker security feature-set. The focus is on container safety — keeping images up to date, and detecting new vulnerabilities introduced by commits.
Today we shipped an early access version of our new Docker security feature-set. The focus is on container safety — keeping images up to date, and detecting new vulnerabilities introduced by commits.
Get a better approach for managing your Dockerfiles. You'll never fall behind when important fixes roll out. See how we did it at Atomist and how you can get early access to our Docker policy.
Get a better approach for managing your Dockerfiles. You'll never fall behind when important fixes roll out. See how we did it at Atomist and how you can get early access to our Docker policy.
In this article, we explore how Docker tags work, the risks and benefits of using them, and a mechanism for pinning to specific digests to bring us closer to reproducible builds.
In this article, we explore how Docker tags work, the risks and benefits of using them, and a mechanism for pinning to specific digests to bring us closer to reproducible builds.
This is a guest post by Justin Florentine, Director of Software Engineering at Elsevier. Justin shares his perspective on how and why friction happens in software. He presents the perks of using automation and how automating tasks is the simplest way to get the job done right.
This is a guest post by Justin Florentine, Director of Software Engineering at Elsevier. Justin shares his perspective on how and why friction happens in software. He presents the perks of using automation and how automating tasks is the simplest way to get the job done right.
Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.
Your custom secrets are likely some of the most critical to protect. This post outlines how you can up-level your scanning with a simple regular expression pattern added to the Secret Scanner skill, which is not covered by your Git provider scans, like GitHub's secret scanning.