Docker joins the Athena coalition: a cross-industry collaboration for supply chain security
The obvious takeaway from 2026’s biggest incidents is that attackers are increasingly using AI to move fast. Docker’s CISO, Mark Lechner, wrote about this shift and what every engineering team should do now.
What worries us is that the bar is about to drop further. For most of the last decade, finding a serious vulnerability in widely used open source took time and specialized skill. Frontier models now read code, reason across dependencies, and surface novel, chained vulnerabilities at machine speed, including flaws that survived years of expert review. Anthropic’s Mythos, and the more powerful models that follow it will find more vulnerabilities, faster, and by a wider margin than skilled humans could. The gap between a vulnerability being discovered and exploited has shrunk from years to hours, and a growing share are weaponized before they are ever public.
We believe the durable response in this reality is twofold: build products that are secure and transparent by default, and collaborate deeply across the ecosystem to share signals and intelligence. No single vendor sees the whole picture, and customers are best protected when supply chain technologies work together rather than in isolation.
Secure-by-default tools for devs, as AI embeds into the SDLC
As coding agents take on more of the software lifecycle, secure defaults have to cover more than what you build with. They have to cover where agents run and what they can reach. Today, Docker’s investment spans three areas covering sandboxes for local developers, secure dependencies, and governed access to vetted MCP tools. These capabilities and our upcoming products in the near future collectively help secure the developer environment as AI embeds itself into the SDLC:
Isolated, sandboxed execution for agents: Docker Sandboxes run AI coding agents in isolated microVMs, each with its own kernel, filesystem, and deny-by-default network, so a compromised dependency an agent pulls cannot reach the host, its credentials, or other workloads.
Trusted, open source foundations: Docker Hardened Images Community is free and open source under Apache 2.0. DHI are minimal, low-CVE images rebuilt from source with SLSA Build Level 3 provenance and signed SBOMs, built on Alpine and Debian. The catalog now spans over 3,500 hardened images and tens of thousands of hardened system packages, extending across container images, system packages, Helm charts, and MCP servers. DHI makes secure dependencies the easy, default choice.
Governed access to tools: Docker MCP Catalog and Gateway give agents a trusted, hardened set of MCP servers, plus centralized policy, secret blocking, and audit logging, so the connections agents make are verified rather than assumed.
Together these tools give developers a secure default from the first docker build through to the agent running in their environment.
Working with the ecosystem on behalf of every developer
The second part of our approach is how we work with the ecosystem. For example, with the axios compromise earlier this year and the TeamPCP campaign, Docker worked with partners including Socket, the Trivy team, Checkmarx, and others to analyze the attacks and contain the blast radius (recap). The damage potential with these attacks could have been very large, however sharing signals across company lines, in real time, is what kept the blast radius relatively small. We have said it before, this is a posture we believe the ecosystem needs more of.
Docker is joining the Athena alliance
Athena is the next step in our journey of collaboration. Announced today, it is an industry coalition for the coordinated defense of open source software in the era of AI-accelerated vulnerability discovery, and Docker is a founding participant. Athena brings together organizations from across the software ecosystem to share findings and coordinate responses before vulnerabilities become public. Docker sits at a distinctive point in the supply chain, with millions of developers relying on us to build, distribute, and run software built on open source, so helping make that ecosystem more resilient is consistent with our mission. We look forward to working with the coalition on key ways in which Docker is uniquely placed to provide expertise and scale to this important cross-industry effort.
Further reading
- Docker Sandboxes
- Docker Hardened Images
- Defending your software supply chain (Docker CISO Mark Lechner)
Related Posts
-
May 12, 2026
Docker AI Governance: Unlock Agent Autonomy, Safely
Introducing Docker AI Governance: centralized control over how agents execute, what they can reach on the network, which credentials they can use, and which MCP tools they can call, so every developer in your company can run AI agents safely, wherever they work. Your laptop is the new prod Agents are the biggest productivity unlock…
Srini SekaranRead now
-
Jun 11, 2026
Docker Hardened Images enhanced vulnerability scanning with Docker and Aikido
Aikido now scans Docker Hardened Images (DHI) with built-in VEX support. Vulnerabilities that Docker has verified as non-exploitable drop out of the queue automatically, so developers spend their time on findings that actually matter. This post walks through what changed, why it matters, and how users can benefit from the new integration. Why teams are…
Dan StelzerandBjorn HovdRead now
-
Jun 8, 2026
5 Software Supply Chain Security Best Practices for Development Teams
Learn the key software supply chain security best practices for container-based delivery, from trusted base images and dependency management to build provenance and runtime monitoring.
Aditya TripathiRead now
-
Jun 5, 2026
What is AI Governance? Frameworks, Principles, and Best Practices
Learn what AI governance is, why it matters, and how to manage AI systems safely and at scale.
Srini SekaranRead now
