Chainguard Images
Images are our security-first container base images. Our images are continually updated and aim for zero known vulnerabilities.
Images are our security-first container base images. Our images are continually updated and aim for zero known vulnerabilities.
Images are our security-first container base images. They are continually updated, and aim for zero-known vulnerabilities.
Out-of-date software is a major factor in security breaches. Our images are continuously updated with new versions and fixes.
Our images come with SLAs that guarantee that we will provide patches or mitigations for vulnerabilities within an agreed time frame.
All our images are signed and include Software Bills of Materials (SBOM).
Our images aim for zero-known vulnerabilities. No more spending hours analyzing reports from scanning tools.
Our images are designed to help organizations increase their SLSA assurance level. We also provide FIPS compliant images.
We take care of updating our images in response to new versions and security alerts and even provide an SLA.
Currently we have a generic base image, as well as NGINX and Go images. We are working on adding new images every day! — Contact us for images you’d like to see us build!
Our team will investigate if and how this affects our images. If there is an upstream patch available, we will test this and apply it immediately. If not, we will attempt to provide a mitigation while working with upstream projects on a solution. This will be done based on our SLA timeline.
New vulnerabilities are constantly being discovered. In the best cases, projects are given time to patch them and there is a fix in place before the vulnerability is made public. In other cases, there is no patch in place when the vulnerability becomes known (sometimes called a “zero-day” vulnerability).
In these cases, there will be some delay while projects come up with fixes and mitigations.