Docker is launching a Verified Publisher program to create greater trust and security for developers using its tools. The announcement comes as Docker prepares for DockerCon Live 2021 — this year’s edition of its annual conference.
The new program is intended to boost the company’s trusted content that developers can use as building blocks to create applications. In a press release, Docker said Datadog, Red Hat, and VMware are among the 100 companies that have already joined the program.
Docker was influential in building the cloud-native movement but had to reboot its business in November 2019 after an enterprise-focused strategy fell flat. Docker raised another $35 million in venture capital to pursue a new strategy of creating tools for developers.
Docker’s main products are Docker Desktop, its development application, and Docker Hub, a shared container resource repository. The company sells access to these tools through a range of subscription plans. Since the pivot, the company has been busy adding new features, as well as striking partnerships that offer access to third-party tools.
The company reports that more than 200 independent software vendors are using Docker Hub to distribute software. A Verified Publisher badge will allow developers to see that software came directly from a publisher.
The security around software supply chains has become a hot topic in recent months as developers and enterprises worry about potential vulnerabilities. Particularly with open source, developers are often grabbing bits and pieces of their applications from sources that offer various levels of trust and security.
Plugging those holes at Docker is critical because the company says more than 13 billion images are being pulled monthly by 13 million developers. In addition, Docker Official Images will now be available via AWS and Mirantis.