Aug 02, 2019

Docker ramps up container security and automation with Docker Enterprise 3.0, now publicly available

After being in beta since April, Docker Enterprise 3.0 is now publicly available. The latest update brings new enhancements to the service, including Docker Applications, Docker Kubernetes Service, and new automation tools. The Docker Kubernetes Service, a certified Kubernetes distribution, includes more ‘sensible secure defaults’ that provide developers with stronger out-of-the-box security settings. Docker Applications are essentially containers for containers, helping teams package multiple containers into a single, usable object. Wrapping these new features together is a set of new CLI tools for operations teams to deploy, scale, and backup Docker Enterprise clusters across multi-cloud deployments.

Greater automation will be vital for Docker’s long-term success. Docker implementations can often get complicated, particularly as software development depends more heavily on containerization. Companies are often running thousands of containers, each with their own configuration and development teams. Packaging these containers into a single object with Docker Applications will help operators manage different configurations more easily and enables application-wide (as opposed to only container-wide) vulnerability and security scanning. Lifecycle automation tools, too, help operations teams minimize workflow friction with packaging and deploying these containers.

Stronger security will also be increasingly important for Docker, as the positive effects that containerization brings to development speed are dampened by the container ecosystem’s growing surface area for vulnerabilities and security issues. For many companies, security is now a top concern for containers; in a recent survey of IT professionals by StackRox, 40% of respondents said that the biggest concern they had with their company’s container strategy is that it does not adequately invest in container security. Configuration adjustments and stronger out-of-the-box security settings are a positive first step toward avoiding common pitfalls and raising the minimum security tolerance of the container community as a whole.

The net result and most important impact of the new enterprise Docker platform is more streamlined interactions between developers and operators. With more accessible container-based workflows, operators can deploy more quickly to maintain developer speed, while developers can reduce security issues to allay IT concerns.

Want to get more of these in your inbox?

Subscribe for weekly updates from the Software team.