Home
Chainguard Images

Chainguard Images

Build secure applications on a foundation of minimal, hardened container images to protect against vulnerabilities and attacks.

Secure by Default

Start Secure. Stay Secure.

Leverage low-to-zero CVE container images designed for rapid patching and software updates.

Save hundreds of hours of engineering time annually on vulnerability management, freeing up valuable developer teams to focus on business-critical tasks.

A screenshot of Chainguard's console app.

Trusted by Devs, Platform Engineers & Security

2k hrs/y

saved on vulnerability management

97.6%

reduction in CVEs compared to unhardened equivalent

72k pkgs

6748 latest versions and many more older versions maintained upstream and guarded by Chainguard

An image of the Chainguard app platform showing the nginx image.
Attestation and Provenance

Build With Confidence on a Trusted Software Foundation

Chainguard Images apply industry compliance hardening techniques to strengthen the security of container environments and future-proof against supply chain threats.

  • Minimal base images

  • Build-time SBOMs

  • Daily rebuilds

A screenshot of Chainguard's console app.
The Essentials to Run Safely

Minimal Container Images for Performance & Security

Adopt minimal container images designed to optimize performance and security with reduced software bloat, improved cluster performance, and a minimized attack surface for applications.

  • 62% smaller vs Iron Bank

  • 80% fewer comps vs UBI

Safe Source for Open Source

Pull from hundreds of low-to-zero CVE container images of the most popular open source software.

Loved by Security, Used by Developers Daily

Build With Confidence

Secure & Efficient Development with Chainguard Images

Build and deploy applications on a secure foundation of minimal, hardened container images to reduce vulnerabilities and save developer time.

An image of the Chainguard app platform showing the nginx image.

Explore Our Images

Browse Our Directory

Visit Our Academy

Get Started Now

Trusted By

The world's leading companies trust Chainguard.

  • Logo of Chainguard customer Snowflake.
  • Logo of Chainguard customer Canva.
  • The logo of Chainguard customer HPE.
  • The logo of Chainguard's customer GitLab.
  • The logo of Chainguard customer Dell Technologies.
  • Logo of Chainguard customer Wiz.
  • Logo of Chainguard customer Anduril .
  • Logo of Chainguard customer Elastic.
  • Logo of Chainguard customer Confluent.
  • Logo of Chainguard customer Trustpilot.
  • Logo of Chainguard customer appian.
  • The logo of Chainguard customer Dexcom.
  • Logo of Chainguard customer Checkmarx.
  • Logo of Chainguard customer Cyera.
  • Logo of Chainguard customer Domino.
  • Chainguard customer Gitguardian logo, optimized for dark mode.
  • Logo of Chainguard customer yurts.
  • The logo of Chainguard customer precisely.
  • Logo of Chainguard customer Shift5.
  • Logo of Chainguard customer Fiddler.

Don't Take Our Word for It...

“When you think about customer data, it's all about trust. And so our philosophy has always been to build security into the product in a way that the customer can focus on grabbing insight from the data and not having to worry about the security of the platform.”
Anoosh SabooriHead of Product Security, Snowflake
“Anduril is redefining what defense contractors look like, in part by implementing commercial technology and moving at the pace of relevance. Doing so while remaining compliant in a highly regulated environment is extremely challenging. Chainguard Images help us deliver on this mission with hardened container images that lead the market in secure software development.”
Joe McCaffreyCISO, Anduril
“With Chainguard, we're able to meet and maintain stringent compliance requirements for software vulnerabilities, and their Images product seamlessly integrates within our developer workflows, delivering instant results, and secure outcomes.”
Sandeep JohriCEO, Checkmarx
“Our partnership with Chainguard enabled us to meet or exceed the rigorous standards required in highly regulated industries and government sectors where we serve our customers. By reducing the burden of patching and hardening associated with managing supply chain risks, we can increase our developers' focus on driving innovation in support of our customers' missions.”
Andrew CunjeCISO, Appian
“We have adopted Chainguard Images to reduce the burden of vulnerability triage on our developers so they can focus on building and establishing a secure avenue for the broad adoption of AI technologies. We are thrilled to see Chainguard expand its offering to include AI and ML workloads and look forward to working together to bring secure AI innovation to the forefront.”
Jacob RideoutCTO, HiddenLayer
“With Chainguard STIG-ready Images, our platform engineers are able to save months of engineering effort when it comes to audit and compliance readiness. A process that was once grueling and toilsome now just takes a couple of minutes.”
Shaun McDonnellDirector of Platform Engineering, Shift5

Chainguard Images Features

SLSA Level 2

Hardened build infrastructure

Benefit from a platform running on a hardened, trusted infrastructure, with provenance and attestations from digital signatures and SBOMs.

Build-Time SBOMs

Transparency

Gain build-time generated SBOMs, providing transparency into the software supply chain.

Scanner Compatibility

Security Advisory feed in OSV and secdb formats

Now you can trust the signals from your security scanner. Chainguard makes component lists and critical CVE information accurate and actionable.

Chainguard Image Options

CVE-Minimized Container Images for Every Use Case

Developer Images
  • Available as pure distroless or as minimal image with a package manager and a shell

  • Always pinned to upstream :latest

  • Free to use

Get Started with Developer Images
Production Images
  • Enterprise SLA to remediate vulnerabilities

  • Available as pure distroless or as minimal images with a package manager and a shell

  • Major and minor versions of upstream

  • Available through Chainguard's registry or preferred registry of choice

  • Access to Chainguard's console to manage images, entitlements, pull tokens, and more

Explore Production Images
FIPS Images
  • Functionally equivalent to standard images with FIPS cryptographic requirements

  • Using OpenSSL 3.0 module that is validated by NIST for 140-3

  • Trust, but verify with openssl-fips-test utility

  • Dedicated industry-leading STIG purpose built for DISA compliance and compatible with OpenSCAP and SCAP Viewer

  • Kernel-independent entropy source enables workload deployment on any kernel, hardware, and instance type

Explore FIPS Images