Chainguard has collaborated with leading open source and enterprise vulnerability scanners to create an ecosystem that helps prioritize the remediation of vulnerability scan results while enhancing operational efficiency of security and developer teams. Organizations that use one of our supported scanners as their enterprise scanning tool can now scan and identify vulnerabilities in Chainguard Images and Wolfi to validate that they are shipping the most secure builds possible.
Chainguard Images and Wolfi give you peace of mind that you’re starting from a secure container posture. When you add in Snyk’s container scanning, you can ensure that the Chainguard and Wolfi-based Images that started out vulnerability free, remain vulnerability free. Snyk Container allows you to continuously scan images across the SDLC, so you know when any newly discovered vulnerabilities impact your images or workloads. Additionally, Snyk’s custom base image recommendations (CBIR) provides users recommendations for upgrading their Chainguard andWolfi-based Images to versions with fewer vulnerabilities, providing more secure applications.
It's refreshing to see a Linux distribution that is continually striving to make smaller, more secure images for everyone. There is typically a moment for me when using Grype to scan a Wolfi image where I think "that's weird, I don't see any results"... then realize it's working perfectly.
Wiz enables organizations to securely build and operate their entire cloud environment, providing visibility and risk prioritization from development through deployment. We’re excited to add support for Wolfi and Chainguard Images to the Wiz platform, enabling our mutual customers to ‘shift left’ as they eliminate vulnerabilities, and to validate the positive impact it has on their production workloads.
Become a verified scanner