Docker, the containerization company, has made several additions to its product lineup this week in an effort to expand its appeal beyond developer workstations. One of the key updates is the general availability of Docker Scout, a software supply chain security tool. Users can deploy Docker Scout with Docker Desktop, Docker Hub container image registry, or Docker’s command line interface. This product replaces the previous open-source utility, Docker Scan, with Docker’s own vulnerability detection system.
Docker Scout takes a layer-by-layer view of container images and their dependencies, allowing developers to identify and prioritize potential risks. It also offers remediation advice to help developers address these risks. The tool includes a dashboard that provides an overview of vulnerabilities and their severity.
In addition to Docker Scout, Docker also announced updates to its other products. This includes new cloud infrastructure support for the Docker Build container image builder tool, which allows developer teams to offload container image building to cloud servers. This can help speed up performance and reduce delays in the development process. The update also includes team-level build caching and offline support.
Another new product introduced by Docker is Docker Debug, which brings together multiple language-specific tools for debugging containerized apps into a centralized workflow. This can save developers time by providing a streamlined debugging process.
These updates reflect Docker’s efforts to expand the value of its developer tools beyond local workstations. The company aims to provide a comprehensive solution that combines both local and cloud-based capabilities. This approach, known as “local plus cloud,” allows developers to leverage the benefits of both environments and break free from the limitations of using Docker solely as a laptop tool.
Experts have praised the updates, particularly Docker Scout, for enhancing software supply chain security practices without requiring disruptive changes to existing workflows. Users have reported positive experiences with the tool, stating that it has improved vulnerability scanning and reduced false positives.
However, Docker’s transition from free and open-source tools to proprietary and commercial ones has received some criticism from the open-source community. Docker Scan, the previous open-source utility, has been replaced by Docker Scout, which has a free tier and a subscription-based pricing model. Despite this, experts believe that the integrated and streamlined experience provided by Docker Scout can outweigh its cost.
Moving forward, Docker plans to continue building out its functionality and focusing on the developer experience. The company aims to provide developers with tools that enable them to do more with less, especially in organizations that have undergone layoffs and need to maximize the productivity of their development talent.
While Docker has experienced rapid growth in 2022, it still faces challenges in the long term. The containerization market is becoming increasingly competitive, with other major players like Kubernetes and Red Hat gaining traction. Docker will need to continue innovating and providing value-added features to maintain its position in the market.