Chainguard’s Catalog of 1,300+ Container Images: Secure Foundation for Every Engineering Team

Four years ago, our co-founders started Chainguard with a bold mission: to be the safe source for open source.

We didn’t set out to build another container security tool. We set out to transform how open source is built, distributed, and secured — starting with Chainguard Containers, a catalog of minimal, zero CVE container images. 

Our products are powered by Chainguard OS, a minimal Linux distro designed for continuous updates and zero big-bang upgrades. Every image we ship runs on this foundation, giving us full control from the source code to delivering purpose-built images to our customers. To do all of this at scale, we built the Chainguard Factory, our hardened build infrastructure and automation engine that continuously detects source code changes, CVE triaging, and dependency bumps. That allows us to automate 10,000+ OSS project rebuilds daily, from source. When a CVE gets gnarly, our expert engineers go deep, rebuilding even runtime dependencies to eliminate risk.

Together, Chainguard OS and the Factory help us do what no one else can: deliver a daily-updated catalog of zero-CVE, source-built, production-grade container images — at scale.

That scale matters, and we just hit a major milestone: over 1,300 images in the Chainguard Catalog.

This isn’t about chasing numbers. It’s about unlocking secure-by-default software for every team. With 1,300+ images, we now cover the majority of modern application stacks, with container images for programming languages, CI/CD infrastructure, databases, observability tools, developer tools, AI applications, and more. And unlike public registries, every Chainguard image is built from source, rebuilt daily, and comes with SBOMs, SLSA provenance, and Sigstore signatures by default. That means teams can trust where their open source software is coming from and how it was built.

Powered by Chainguard OS and the Chainguard Factory

Every one of our 1,300+ images runs on Chainguard OS and is maintained by the Factory, unlocking total control over the images we deliver with unprecedented speed and quality. It’s the end-to-end integrity and automation across the process that enables our best-in-class CVE remediation and scale.

• Daily builds from source: We compile every package from source code to rebuild every image from scratch daily, with full provenance and transparency.

• Dependency control: With total control over the software supply chain, we can update packages anywhere along the dependency tree (OS, toolchain, libraries, application) and optimize our images to include only the required dependencies for any given application, thus reducing your attack surface area and risk.

• Cutting-edge automation: We leverage automation to continuously monitor source code for changes and to detect CVEs, often updating images before customer scanners are even aware the previous version was vulnerable.

• Rigorously tested for compatibility and security: Each image is tested to confirm compatibility and performance across use cases, with human intervention to ensure quality.

The result? The cleanest, and most actively maintained catalog of secure containers anywhere, and the largest catalog available by a factor of 10.

And we’re not stopping there. This same Factory now powers our new products: Chainguard Libraries, a catalog of malware-resistant open source language libraries built securely from source, and Chainguard VMs, a new product line offering minimal, zero-CVE virtual machine images built entirely from source. Same foundations, new product form factors.

Turning Trust Into Traction — Momentum Across the Business

Not only have we built the largest catalog of secure container images and introduced new products powered by our unique distro and automation, we’re also scaling with purpose across the business. This growth is validation that secure-by-default infrastructure isn’t just possible, it’s essential. Across industries and around the world, engineering and security teams are trusting Chainguard as the secure foundation for software development and deployment.

• New customer wins across industries and at every stage of growth — from innovative upstarts to Fortune 500 leaders — including ANZ Bank, Hapag-Lloyd, HealthEquity, Ironclad, MAN Energy Solutions, Oceaneering International, Snap Inc., Univar Solutions, VPBank, Wisita, and more. We've also continued to make our customers successful, maintaining industry-best CVE remediation velocity.

• Investment in compatibility: We’ve built out seamless integrations with the most popular vulnerability scanners, including Aqua Trivy, AWS Inspector, Grype, Prisma Cloud, Snyk, Tenable, and Wiz. Our turnkey integrations make it easy for application security teams to ensure that Chainguard’s zero-CVE container images are not only secure-by-default, but also compatible with the broad spectrum of tools organizations trust for risk assessment.

• Funding to accelerate growth: In April 2025, we raised a $356 million Series D funding round, co-led by Kleiner Perkins and IVP, with participation from Salesforce Ventures, Datadog Ventures, and all existing investors. This investment brings the company's total funding to $612 million and will help us fuel innovation across our product suite, scale go-to-market operations, and expand our presence in EMEA and APAC.

• Team expansion: As we approach 500 employees (3x headcount growth in the last 12 months!), we’ve welcomed key hires across engineering, go-to-market, and G&A, strengthening our ability to pave the way for a future where secure, vulnerability-free open source software is the standard. And with that growth, we’ve only strengthened our culture, recently becoming Great Place to Work Certified.

• Open source contributions: Our team continues to lead and contribute to foundational projects like Sigstore, SLSA, and more, while also launching Container Hardening Priorities (CHPs), which provides concrete criteria for assessing the security of container images. Complementary to SLSA (hence the naming), CHPS is focused on building container images, while SLSA takes a wider, holistic approach to supply chain security.

Let’s Build Secure Software at Scale

We’ve done the hard work of building the team, technology, automation, and more to make open source secure-by-default, so you can spend less time chasing vulnerabilities and more time shipping great software.

Join us on June 4 for a webinar with Chainguard founders Dan Lorenc, Kim Lewandowski, and Ville Aikas, where we'll dive deeper into Chainguard OS and how it works.

If you’re ready to start building the future instead of patching the past, explore our catalog of over 1,300 container images and reach out to learn more.