Products
Chainguard Images
Reduce your attack surface with minimal, distroless images.
Chainguard Enforce
Manage, monitor and enforce end-to-end policies.
Chainguard Services
Infrastructure, configuration, and compliance assessment.
Developer
Resources
Company
Contact
Back
Docs
Open source
Back
Unchained blog
Chainguard labs
Customer stories
Education
Back
About
Newsroom
Careers
Back
About
Newsroom
Careers
UNCHAINED

A curated collection of writings, research, and solutions

Read the latest software supply chain and open source security updates from our experts.

News
A growing ecosystem of vulnerability scanners that now support Chainguard Images and Wolfi

Kim Lewandowski, Chief Product Officer
September 21, 2023
Product
An update on Chainguard Images FIPS Validation

Need support on your FedRAMP journey? Chainguard's FIPS Images use the OpenSSL 3.0.8 module that is validated by NIST for 140-2.

Adam Dawson, Product Manager, Chainguard Images
September 13, 2023
Categories
Product
The haunting of CVE-2023-2454: A developer's nightmare
John Speed Meyers, Principal Research Scientist
October 3, 2023
The haunting of CVE-2023-2454: A developer's nightmare
Product
Open Source
Small octopus and a big idea: The story of how a one-year old Linux un-distro is improving the cloud’s software supply chain
Team Wolfi
September 27, 2023
Small octopus and a big idea: The story of how a one-year old Linux un-distro is improving the cloud’s software supply chain
Open Source
Product
Chainguard’s response to CVE-2023-4527 in glibc
Dan Luhring, Staff Software Engineer
September 25, 2023
Chainguard’s response to CVE-2023-4527 in glibc
Product
News
A growing ecosystem of vulnerability scanners that now support Chainguard Images and Wolfi
Kim Lewandowski, Chief Product Officer
September 20, 2023
A growing ecosystem of vulnerability scanners that now support Chainguard Images and Wolfi
News
Open Source
How to use Dockerfiles with wolfi-base images
Adrian Mouat, Staff DevRel Engineer
September 14, 2023
How to use Dockerfiles with wolfi-base images
Open Source
Product
An update on Chainguard Images FIPS Validation
Adam Dawson, Product Manager, Chainguard Images
September 13, 2023
An update on Chainguard Images FIPS Validation
Product
Open Source
Working with government and industry to put open source security tooling into practice
John Speed Meyers, Principal Research Scientist and Adolfo García Veytia, Staff Software Engineer
September 12, 2023
Working with government and industry to put open source security tooling into practice
Open Source
Research
Stemming the tide of false positive vulnerabilities
Trevor Dunlap, NCSU and Chainguard Intern, Zack Newman, Principal Research Scientist
September 11, 2023
Stemming the tide of false positive vulnerabilities
Research
Product
Announcing a Chainguard Image for OpenTF
Dan Lorenc, CEO
September 6, 2023
Announcing a Chainguard Image for OpenTF
Product
Product
Update for Chainguard Images Users on HashiCorp License Changes
Kim Lewandowski, Chief Product Officer
September 1, 2023
Update for Chainguard Images Users on HashiCorp License Changes
Product
Making Vulnerability Data Better for Machines (and Humans!) with OpenVEX: How Isovalent and Chainguard Use OpenVEX
Feroz Salam, Adolfo Veytia and John Speed Meyers
August 31, 2023
Making Vulnerability Data Better for Machines (and Humans!) with OpenVEX: How Isovalent and Chainguard Use OpenVEX
Product
Announcing General Availability for Chainguard Enforce for GitHub
Billy Lynch
August 29, 2023
Announcing General Availability for Chainguard Enforce for GitHub
Product
Product
Securing the ML supply chain with new Chainguard AI Images
Dan Lorenc, CEO
August 23, 2023
Securing the ML supply chain with new Chainguard AI Images
Product
Product
When a picture is worth 306 CVEs: New image vulnerability comparisons in Chainguard Academy
Jamon Camisso, Developer Experience Engineer
August 23, 2023
When a picture is worth 306 CVEs: New image vulnerability comparisons in Chainguard Academy
Product
Product
Exploring new capabilities in the Chainguard Registry to enable secure and efficient container image management
Kim Lewandowski, Chief Product Officer
August 23, 2023
Exploring new capabilities in the Chainguard Registry to enable secure and efficient container image management
Product
Product
Chainguard Image now available for Zig
Dan Lorenc, CEO
August 18, 2023
Chainguard Image now available for Zig
Product
Product
Important updates for Chainguard Images public catalog users
Kim Lewandowski, Chief Product Officer
August 15, 2023
Important updates for Chainguard Images public catalog users
Product
Engineering
Fully bootstrapping Go from source in Wolfi
Ariadne Conill, Principal Software Engineer
August 11, 2023
Fully bootstrapping Go from source in Wolfi
Engineering
Security
What every CISO should know About the new SSDF security self-attestation form
Dan Lorenc, CEO; Christian Baer, Senior Associate and Sully Perella, Technical Director at Schellman
August 8, 2023
What every CISO should know About the new SSDF security self-attestation form
Security
News
Get in Chainguard, we’re going to fabulous Las Vegas!
Kaylin Trychon, VP of Marketing and External Affairs
August 4, 2023
Get in Chainguard, we’re going to fabulous Las Vegas!
News
The Zero CVE Challenge: Can official Docker Hub images pass the test?
Trevor Dunlap, Research Intern
August 2, 2023
The Zero CVE Challenge: Can official Docker Hub images pass the test?
Open Source
Can Protobom end the SBOM format wars?
Adolfo García Veytia, Staff OSS Engineer and John Speed Meyers, Principal Research Scientist
July 31, 2023
Can Protobom end the SBOM format wars?
Open Source
Open Source
wolfi-act: Dynamic GitHub Actions from Wolfi packages
Josh Dolistky, Staff Software Engineer
July 28, 2023
wolfi-act: Dynamic GitHub Actions from Wolfi packages
Open Source
Security
Fuzzy CVEs, tarfiles, and untrusted input
Dan Lorenc, CEO
July 27, 2023
Fuzzy CVEs, tarfiles, and untrusted input
Security
News
Elastic partners with Chainguard on Software Supply Chain security and SLSA assessment
Paul McCann, Principal Product Security Engineer at Elastic and Lewis Denham-Parry, Solutions Architect
July 26, 2023
Elastic partners with Chainguard on Software Supply Chain security and SLSA assessment
News
Engineering
Good MLOps is good ML supply chain security
Zachary Newman, Principal Research Scientist and Savin Goyal, CTO at Outerbounds
July 25, 2023
Good MLOps is good ML supply chain security
Engineering
Product
How Chainguard utilizes software signatures for supply chain security
Priya Wadhwa, Engineering Manager
July 19, 2023
How Chainguard utilizes software signatures for supply chain security
Product
Product
Introducing new SBOM features in Chainguard Enforce
Narayan Iyengar, Product Manager
July 19, 2023
Introducing new SBOM features in Chainguard Enforce
Product
Product
Introducing automatic vulnerability analysis features in Chainguard Enforce
Priya Wadhwa, Engineering Manager
July 19, 2023
Introducing automatic vulnerability analysis features in Chainguard Enforce
Product
Product
Chainguard announces availability of new SBOM, vulnerability analysis and software signing capabilities in Enforce
Kim Lewandowski, Chief Product Officer
July 18, 2023
Chainguard announces availability of new SBOM, vulnerability analysis and software signing capabilities in Enforce
Product
News
Chainguard named to inaugural Redpoint InfraRed 100
Kaylin Trychon, VP of Marketing and Communications
July 17, 2023
Chainguard named to inaugural Redpoint InfraRed 100
News
Product
How Chainguard fixes vulnerabilities before they're detected
Jason Hall, Software Engineer
July 14, 2023
How Chainguard fixes vulnerabilities before they're detected
Product
Engineering
OCI announces upcoming changes for registries
Josh Dolitsky, Staff Software Engineer
July 13, 2023
OCI announces upcoming changes for registries
Engineering
News
Advancing the use of memory safe programming languages
Kaylin Trychon, VP of Marking and Communications
July 12, 2023
Advancing the use of memory safe programming languages
News
News
Cleared for takeoff: Meeting TSA’s new cybersecurity requirements
Kaylin Trychon, VP of Marketing and Communications
July 10, 2023
Cleared for takeoff: Meeting TSA’s new cybersecurity requirements
News
Engineering
So you want to check image signatures in Kubernetes…?
Dan Lorenc, CEO
July 6, 2023
So you want to check image signatures in Kubernetes…?
Engineering
Product
Reproducing Chainguard’s reproducible image builds
Matt Moore, CTO
July 5, 2023
Reproducing Chainguard’s reproducible image builds
Product
News
Strengthening CI/CD Environments: Insights from NSA and DHS CISA guidance
Dan Lorenc, CEO
June 30, 2023
Strengthening CI/CD Environments: Insights from NSA and DHS CISA guidance
News
Product
Chainguard Image now available for Pulumi
Josh Dolitsky, Staff Software Engineer
June 29, 2023
Chainguard Image now available for Pulumi
Product
Product
A guide on how to use Chainguard Images for public catalog tier users
Adrian Mouat, Staff OSS Engineer
June 23, 2023
A guide on how to use Chainguard Images for public catalog tier users
Product
News
An enhanced Chainguard Academy learning experience
Lisa Tagliaferri, Senior Director of Developer Education
June 21, 2023
An enhanced Chainguard Academy learning experience
News
Engineering
The principle of minimalism
Jed Salazar, Solutions Architect and Matt Moore, CTO
June 21, 2023
The principle of minimalism
Engineering
Research
Ship software to Uncle Sam faster with zero-known vulnerability containers
John Speed Meyers, Principal Research Scientist
June 20, 2023
Ship software to Uncle Sam faster with zero-known vulnerability containers
Research
News
Government perspectives on software self-attestation requirements
Chainguard Team
June 15, 2023
Government perspectives on software self-attestation requirements
News
News
The importance of toolchain security in NIST's SSDF
Dan Lorenc, CEO
June 12, 2023
The importance of toolchain security in NIST's SSDF
News
Engineering
Designing build date epoch in Chainguard Images
Matt Moore, CTO
June 8, 2023
Designing build date epoch in Chainguard Images
Engineering
News
Celebrating 5 years of NTIA’s SBOM work
Dan Lorenc, CEO
June 7, 2023
Celebrating 5 years of NTIA’s SBOM work
News
Come see Chainguard (virtually) at Cloudsmith Unpacked on June 20!
Kim Lewandowski, Chief Product Officer
June 6, 2023
Come see Chainguard (virtually) at Cloudsmith Unpacked on June 20!
Engineering
Fully bootstrapping Java from source in Wolfi
Ariadne Conill, Principal Software Engineer and Josh Wolf, Software Engineer
June 2, 2023
Fully bootstrapping Java from source in Wolfi
Engineering
Research
Introducing "Speranza": Enhancing software signing with privacy and usability
Zachary Newman, Principal Research Scientist
May 30, 2023
Introducing "Speranza": Enhancing software signing with privacy and usability
Research
Product
Fortify, comply and conquer FedRAMP with Chainguard Images
Dan Lorenc, CEO
May 25, 2023
Fortify, comply and conquer FedRAMP with Chainguard Images
Product
Engineering
Building Chainguard's container image registry
Jason Hall, Software Engineer
May 23, 2023
Building Chainguard's container image registry
Engineering
Open Source
OSS security: Chainguard May 2023 update
Tracy Miranda, Head of Open Source
May 22, 2023
OSS security: Chainguard May 2023 update
Open Source
Product
Policy rollback and auditing with versions in Chainguard Enforce
Colin Douglas, Software Engineer and Katy Howard, Software Engineer
May 19, 2023
Policy rollback and auditing with versions in Chainguard Enforce
Product
Product
Scaling Chainguard Images with a growing catalog and proactive security updates
Kim Lewandowski, Chief Product Officer
May 17, 2023
Scaling Chainguard Images with a growing catalog and proactive security updates
Product
Product
Enhancing enterprise reliability features for Chainguard Enforce customers
Adam Dawson, Product Manager and Narayan Iyengar, Product Manager
May 11, 2023
Enhancing enterprise reliability features for Chainguard Enforce customers
Product
Security
How to explain the CISA software attestation requirements to your board
Dan Lorenc, CEO
May 5, 2023
How to explain the CISA software attestation requirements to your board
Security
Open Source
Meet Chainguard at Open Source Summit North America 2023 [May 10 – 12 in Vancouver]!
Tracy Miranda, Head of Open Source
May 4, 2023
Meet Chainguard at Open Source Summit North America 2023 [May 10 – 12 in Vancouver]!
Open Source
Research
Enforce against vulnerability sprawl with up-to-date images
John Speed Meyers, Principal Research Scientist
May 3, 2023
Enforce against vulnerability sprawl with up-to-date images
Research
News
Chainguard joins DHS S&T new startup cohort to strengthen software supply chain
Dan Lorenc, CEO
April 27, 2023
Chainguard joins DHS S&T new startup cohort to strengthen software supply chain
News
Engineering
Move over, Dockerfiles! The new way to craft containers
Jason Hall, Software Engineer and Zachary Newman, Principal Research Scientist
April 27, 2023
Move over, Dockerfiles! The new way to craft containers
Engineering
Open Source
Open source software takes center stage at RSA
Dan Lorenc, CEO
April 24, 2023
Open source software takes center stage at RSA
Open Source
Open Source
npm + Sigstore: Making Javascript secure by default
Tracy Miranda, Head of Open Source
April 19, 2023
npm + Sigstore: Making Javascript secure by default
Open Source
News
Chainguard and CNCF conduct SLSA assessments for Argo and Prometheus projects
James Petersen, Solutions Architect
April 18, 2023
Chainguard and CNCF conduct SLSA assessments for Argo and Prometheus projects
News
Open Source
Chainguard open sources new policy catalog for Sigstore policy-controller
Erin Glass, Product Manager and Ville Aikas, Distinguished Engineer
April 18, 2023
Chainguard open sources new policy catalog for Sigstore policy-controller
Open Source
News
Chainguard Images now available to government agencies on U.S. Air Force Platform One
Dan Lorenc, CEO
April 17, 2023
Chainguard Images now available to government agencies on U.S. Air Force Platform One
News
Product
Chainguard Image now available for prometheus
Dan Lorenc, CEO
April 14, 2023
Chainguard Image now available for prometheus
Product
News
Join Chainguard at KubeCon EU in Amsterdam April 19-21!
Sarah O'Rourke, Communications Director
April 13, 2023
Join Chainguard at KubeCon EU in Amsterdam April 19-21!
News
Product
It all started with a commit: Celebrating 6 years of Distroless
Dan Lorenc, CEO and Matt Moore, CTO
April 12, 2023
It all started with a commit: Celebrating 6 years of Distroless
Product
Product
Tired of searching through your scan results? Try the Chainguard OpenSearch Image
Dan Lorenc, CEO
April 7, 2023
Tired of searching through your scan results? Try the Chainguard OpenSearch Image
Product
Product
The role of attestations in a secure software supply chain
Zachary Newman, Principal Research Scientist
April 4, 2023
The role of attestations in a secure software supply chain
Product
Open Source
ICYMI: What's new in Chainguard Academy
Lisa Tagliaferri, Director of Developer Education
April 3, 2023
ICYMI: What's new in Chainguard Academy
Open Source
News
GitCommitted with your dream base image
Kirby Koo, Social and Community Relations
April 1, 2023
GitCommitted with your dream base image
News
Engineering
Are Kubernetes Validating Admission Policies the end of admission controllers?
Ville Aikas, Distinguished Engineer and Zachary Newman, Principal Research Scientist
March 31, 2023
Are Kubernetes Validating Admission Policies the end of admission controllers?
Engineering
Open Source
New Chainguard Academy tutorial: Cosign the manual way
Eddie Zaneski, Staff OSS Engineer
March 29, 2023
New Chainguard Academy tutorial: Cosign the manual way
Open Source
Open Source
Sigstore policy-controller 101
Erin Glass, Product Manager and Ville Aikas, Distinguished Engineer
March 29, 2023
Sigstore policy-controller 101
Open Source
Product
Chainguard Image now available for NATS
Dan Lorenc, CEO
March 27, 2023
Chainguard Image now available for NATS
Product
Open Source
Chainguard contributes Rekor Search project to Sigstore
Priya Wadhwa, Engineering Manager
March 23, 2023
Chainguard contributes Rekor Search project to Sigstore
Open Source
Product
5 capabilities in Chainguard Enforce you don’t want to miss (your security team will LOVE #4)
Adam Dawson, Product Manager
March 22, 2023
5 capabilities in Chainguard Enforce you don’t want to miss (your security team will LOVE #4)
Product
Open Source
OSS Security: Chainguard Spring 2023 update
Tracy Miranda, Head of Open Source
March 22, 2023
OSS Security: Chainguard Spring 2023 update
Open Source
Product
Chainguard Image now available for Apache Zookeeper
Dan Lorenc, CEO
March 20, 2023
Chainguard Image now available for Apache Zookeeper
Product
Product
Using Chainguard Enforce to prepare for the Kubernetes registry deprecation
Adam Dawson, Product Manager and Ville Aikas, Distinguished Engineer
March 16, 2023
Using Chainguard Enforce to prepare for the Kubernetes registry deprecation
Product
Research
New SLSA++ Survey reveals real-world developer approaches to software supply chain security
David A. Wheeler, The Linux Foundation; John Speed Meyers, Chainguard; Mikaël Barbero, Eclipse Foundation; and Rebecca Rumbul, Rust Foundation
March 13, 2023
New SLSA++ Survey reveals real-world developer approaches to software supply chain security
Research
Engineering
What the fuzz? Better coding through randomized testing
Zachary Newman, Principal Research Scientist
March 13, 2023
What the fuzz? Better coding through randomized testing
Engineering
Security
What the fork? Imposter commits in GitHub Actions and CI/CD
Billy Lynch, Staff Software Engineer
March 7, 2023
What the fork? Imposter commits in GitHub Actions and CI/CD
Security
Product
Chainguard Image now available for Postgres
Dan Lorenc, CEO
March 6, 2023
Chainguard Image now available for Postgres
Product
News
Charting a secure by default future
Dan Lorenc, CEO
March 2, 2023
Charting a secure by default future
News
Engineering
apko: a year later
Ariadne Conill, Principal Software Engineer
February 28, 2023
apko: a year later
Engineering
Research
Chainguard conducts SLSA software supply chain security audit of open source project Git
Adolfo García Veytia, Staff OSS Engineer and John Speed Meyers, Principal Research Scientist
February 27, 2023
Chainguard conducts SLSA software supply chain security audit of open source project Git
Research
Product
Announcing Chainguard Enforce discovery and expanded runtime support
Adam Dawson, Product Manager and Mark Drake, Technical Writer
February 27, 2023
Announcing Chainguard Enforce discovery and expanded runtime support
Product
Product
Hopping into spring with Chainguard’s RabbitMQ Image
Dan Lorenc, CEO
February 24, 2023
Hopping into spring with Chainguard’s RabbitMQ Image
Product
Product
SBOMs in a multi-architecture world
Adolfo García Veytia, Staff OSS Engineer and Matt Moore, CTO
February 22, 2023
SBOMs in a multi-architecture world
Product
Engineering
Building towards OCI v1.1 support in cosign
Josh Dolitsky, Software Engineer
February 16, 2023
Building towards OCI v1.1 support in cosign
Engineering
News
Chainguard named an IDC Innovator for open source software supply chain security
Dan Lorenc, CEO
February 15, 2023
Chainguard named an IDC Innovator for open source software supply chain security
News
Research
A purl of wisdom on SBOMs and vulnerabilities
John Speed Meyers, Principal Research Scientist
February 14, 2023
A purl of wisdom on SBOMs and vulnerabilities
Research
Product
Chainguard Image now available for HAProxy
Adrian Mouat, Staff OSS Engineer
February 9, 2023
Chainguard Image now available for HAProxy
Product
Engineering
Not all that’s signed is secure: Verify the right way with TUF and Sigstore
Zachary Newman, Principal Research Scientist and Marina Moore (NYU)
February 8, 2023
Not all that’s signed is secure: Verify the right way with TUF and Sigstore
Engineering
Product
Chainguard Image now available for Kubectl
Adrian Mouat, Staff OSS Engineer
February 7, 2023
Chainguard Image now available for Kubectl
Product
Product
How to sign private artifacts securely with Chainguard's Timestamp Authority
Hector Fernandez, Staff Software Engineer
February 2, 2023
How to sign private artifacts securely with Chainguard's Timestamp Authority
Product
News
Chainguard & BoxBoat, an IBM company, announce strategic partnership to tackle software supply chain security
Kaylin Trychon, VP of Marketing and Communications
January 30, 2023
Chainguard & BoxBoat, an IBM company, announce strategic partnership to tackle software supply chain security
News
Products

Chainguard Images

Chainguard Enforce

Chainguard Services

Developer

Open source

Docs

Resources

Unchained blog

Chainguard Labs

Customer stories

Scanners

Security

Education

Company

About

Newsroom

Careers

Legal

Contact

Follow

Twitter

GitHub

LinkedIn

TikTok

© 2023 Chainguard, Inc.

Contact