Enforce
Contact
CHAINGUARD ENFORCE

Your software supply chain control plane

Know what’s in your supply chain. Fix your vulnerable software.
Enforce policies to maintain security.
Preview of Chainguard Enforce console that shows functionality of the dashboard
TRUSTED BY
Graphic of Block logo

Secure from source to production

Enable developers to ship secure code and keep it that way.

Multi-cluster discoverability

Auto-discover running workloads, top security risks, and recommended mitigations.

Policy enforcement

Define and apply fine-grained supply chain security policies to your workloads.

Compliance benchmarking

Meet compliance for SLSA, CIS benchmarks, Pod Security Standards, and more.

CLOUD NATIVE

Security for modern apps

Continuously monitor software metadata to make real-time policy decisions for your containerized workloads using agentless technology.

Amazon Elastic Kubernetes Service (EKS)
Amazon Elastic Container Service (ECS)
AWS App Runner
Google Cloud Run
Google Kubernetes Engine (GKE)
Git
Amazon Lambda (coming soon)
COMPLIANCE

Meet your benchmark, faster

Out-of-the-box policies that can be customized and deployed directly from the Chainguard Enforce console to meet your compliance needs.

Rego policy template
Custom Rego-based policies.
Log4Shell
Ensure Log4Shell is not running.
Signature policy
Images are signed.
Enforce SBOM attestation
Sign SPDX SBOM from custom key.
Rego policy template
Custom Rego-based policies.
OIDC signer identify
Enforce signer through a OIDC provider.
Signature policy
Images are signed.
Enforce SBOM attestation
Sign SPDX SBOM from custom key.
Rego policy template
Custom Rego-based policies.
OIDC signer identify
Enforce signer through a OIDC provider.
Signature policy
Images are signed.
Enforce SBOM attestation
Sign SPDX SBOM from custom key.
Vulnerability attestation
Enforce a signed vulnerability attestation.
Fail on high or critical CVEs
Attestation with no high or critical CVEs.
Chainguard Images
Images are signed.
Enforce signed GitHub releases
Releases are signed by GitHub actions.
Vulnerability attestation
Enforce a signed vulnerability attestation.
Chainguard Enforce agent
Agents are signed.
Chainguard Images
Images are signed.
Enforce signed GitHub releases
Releases are signed by GitHub actions.
Vulnerability attestation
Enforce a signed vulnerability attestation.
Chainguard Enforce agent
Agents are signed.
Chainguard Images
Images are signed.
Enforce signed GitHub releases
Releases are signed by GitHub actions.
SLSA
NIST SSDF
CIS Benchmarks
Pod Security Standards
PCI
SBOM MANAGEMENT

Start using SBOMs... for real

Automatically generate, sign, and manage SBOMs across all your workloads and eliminate the pain of vulnerability remediation.

Consume software components with SBOMs at build time
Generate SBOMs for workloads ingested without them
Support for all SBOM formats (CycloneDX, SPDX)
Require SBOMs are signed by the source
INTEGRATIONS

Friends with benefits

Easily integrate your favorite CI/CD systems to secure your commits, builds, and artifacts.

Github

SSO, support for Github Actions and public/private repo integration.

GitLab

SSO and seamless CI system integration.

Jenkins

Create artifact provenance in your pipelines.

CircleCI

Easily secure your builds and deployments.

Tekton

Support for Tekton Chains provenance.

Slack

Stay informed of policy results and security events.

Graphic of Block logo

Chainguard is bringing an end-user-first approach to a deeply complex problem area. The team has been instrumental in helping us wrap our heads around the software supply chain landscape and has provided clear guidance and support for how we get to a software supply chain that is secure by default.”

Drew Hintz
Head of Security
Read more
Graphic of Precisely logo

We are pleased to work with Chainguard Enforce to ensure the software our developers build and deploy is safe, tamper-resistant and protected against attacks – across the software development lifecycle to production.”

Andy Kelly
Senior Director of DevOps
Read more

Duis aute irure dolor in reprehenderit in voluptate velit.

Duis aute irure dolor in reprehenderit in voluptate velit.

Duis aute irure dolor in reprehenderit in voluptate velit.

Duis aute irure dolor in reprehenderit in voluptate velit.

Free to start, upgrade anytime

Connect in read-only agentless mode in minutes.

Free 30-day trial

for instant access.
Single sign on
Max of 10 nodes
Access to public channel

AWS Marketplace

shop today.
$2,000 per node, per year
Custom enterprise pricing
SaaS fulfillment model available