Supply Chain Security 101
Everything you need to know about software supply chain security in the age of open source.
- Compliance
FIPS 140-3: Everything you need to know
Learn what FIPS 140-3 is, how it differs from 140-2, who must comply, and how to simplify cryptographic validation for modern, regulated software.
- Compliance
FIPS 140-2 explained: The engineer’s guide to compliance
FIPS 140-2 compliance is complex and high-stakes. Learn what it is, who needs it, and how Chainguard makes meeting and maintaining compliance simple.
- Compliance
What is FIPS?
Learn what FIPS compliance requires, who it applies to, and how to meet standards like FIPS 140-2 and 140-3 in modern software environments.
- Software Supply ChainAppSec
How to prevent software supply chain attacks
Learn about what supply chain attacks are, real-world examples like SolarWinds and XZ Utils, and strategies to prevent them with layered security.
- Software Supply ChainAppSec
Understanding software supply chain security
Learn what software supply chain security is, plus tools and best practices to protect your org from vulnerabilities and other risks.
- Software Supply ChainDevSecOps
Docker images vs containers: Key differences
Learn about Docker images and containers, how they work, and the key differences between them.
- ComplianceAppSec
NIST cybersecurity framework: Core functions and best practices
Discover the NIST Cybersecurity Framework (CSF) and explore its core principles and recommended best practices in CSF 2.0.
- Software Supply ChainDevSecOps
What is a Docker image?
Learn what a Docker image is, what role it plays in modern application development in containers, and how to build and secure Docker images.
- ComplianceAppSec
What is NIS2?
Learn what NIS2 is, who must comply, its cybersecurity measures, and how to update controls and practices to meet compliance.