Products
Chainguard Images
Reduce your attack surface with minimal, distroless images.
Chainguard Services
Infrastructure, configuration, and compliance assessment.
Developer
Resources
Company
Contact
Back
Docs
Open source
Back
Unchained blog
Chainguard labs
Customer stories
Education
Back
About
Newsroom
Careers
Back
About
Newsroom
Careers
UNCHAINED

A curated collection of writings, research, and solutions

Read the latest software supply chain and open source security updates from our experts.

News
Chainguard Raises $61 Million Series B Round as Enterprises Move to Fortify Open Source Software

Series B funding elevates Chainguard's capabilities in pioneering next-gen software security technologies.

Chainguard
November 1, 2023
Product
Celebrating innovation in open source software and container image security with Chainguard Images

Explore the fusion of open source innovation and container security with Chainguard Images.

Kim Lewandowski, Chief Product Officer
November 1, 2023
Categories
Product
The Incremental Path to Container Images: Chainguard Images
Matt Moore, CTO
November 28, 2023
The Incremental Path to Container Images: Chainguard Images
Product
News
Top 5 Takeaways from KubeCon NA 2023: SSCS, Wolfi and More
Ville Aikas, Co-founder & Distinguished Engineer
November 21, 2023
Top 5 Takeaways from KubeCon NA 2023: SSCS, Wolfi and More
News
Product
Chainguard announces new Sigstore images to bring critical software supply chain tooling to enterprises
Kaylin Trychon, Vice President Marketing
November 14, 2023
Chainguard announces new Sigstore images to bring critical software supply chain tooling to enterprises
Product
Research
Can Debloated Containers Pass the Zero CVE Test?
Paul Gibert, Chainguard Visiting Researcher
November 20, 2023
Can Debloated Containers Pass the Zero CVE Test?
Research
Engineering
Chainguard's Image Tagging Philosophy: Enabling High Velocity Updates (pt. 3 of 3)
Jason Hall, Staff Software Engineer
November 17, 2023
Chainguard's Image Tagging Philosophy: Enabling High Velocity Updates (pt. 3 of 3)
Engineering
Engineering
Chainguard's Image Tagging Philosophy: Enabling High Velocity Updates (pt. 2 of 3)
Jason Hall, Staff Software Engineer
November 15, 2023
Chainguard's Image Tagging Philosophy: Enabling High Velocity Updates (pt. 2 of 3)
Engineering
Engineering
Chainguard's Image Tagging Philosophy: Enabling High Velocity Updates (pt. 1 of 3)
Jason Hall, Staff Software Engineer
November 13, 2023
Chainguard's Image Tagging Philosophy: Enabling High Velocity Updates (pt. 1 of 3)
Engineering
News
New Report Shows Disconnect Between Developers and Security Teams on Software Supply Chain Security Priorities and Responsibilities
Chainguard
November 8, 2023
New Report Shows Disconnect Between Developers and Security Teams on Software Supply Chain Security Priorities and Responsibilities
News
News
Chainguard Raises $61 Million Series B Round as Enterprises Move to Fortify Open Source Software
Chainguard
November 1, 2023
Chainguard Raises $61 Million Series B Round as Enterprises Move to Fortify Open Source Software
News
Product
Celebrating innovation in open source software and container image security with Chainguard Images
Kim Lewandowski, Chief Product Officer
November 1, 2023
Celebrating innovation in open source software and container image security with Chainguard Images
Product
Product
The Phantom Menace of CVE-2019-3826: Unmasking the false positive
John Speed Meyers, Principal Research Scientist
October 31, 2023
The Phantom Menace of CVE-2019-3826: Unmasking the false positive
Product
Open Source
Unlocking efficiency and security on GitLab: On-demand images with 0-CVE packages powered by Wolfi
Batuhan Apaydin and Furkan Türkal
October 30, 2023
Unlocking efficiency and security on GitLab: On-demand images with 0-CVE packages powered by Wolfi
Open Source
Product
The haunting silence of CVE-Unknown: Unveiling the secrets of silent fixes
John Speed Meyers, Principal Research Scientist
October 25, 2023
The haunting silence of CVE-Unknown: Unveiling the secrets of silent fixes
Product
Open Source
VEXed? Then Grype about it: Chainguard and Anchore announce Grype supports OpenVEX
Adolfo Veytia, Alex Goodman, Dan Luhring, and John Speed Meyers
October 23, 2023
VEXed? Then Grype about it: Chainguard and Anchore announce Grype supports OpenVEX
Open Source
Product
Announcing Bazel rules for extending Chainguard Images
Adam Dawson, Principal Product Manager at Chainguard and Alex Eagle, Aspect
October 24, 2023
Announcing Bazel rules for extending Chainguard Images
Product
News
Check out Chainguard at KubeCon NA in Chicago on November 6-9!
Will Dolinsky, Content Marketing Specialist
October 20, 2023
Check out Chainguard at KubeCon NA in Chicago on November 6-9!
News
Product
The unmasking of the Phantom's Masquerade: When junk CVEs reveal their true nature
John Speed Meyers, Principal Research Scientist
October 17, 2023
The unmasking of the Phantom's Masquerade: When junk CVEs reveal their true nature
Product
Product
Chainguard’s response to CVE-2023-38545 and CVE-2023-38546 in curl
Dan Luhring, Staff Software Engineer
October 11, 2023
Chainguard’s response to CVE-2023-38545 and CVE-2023-38546 in curl
Product
Product
Introducing Chainguard Images for Node.js LTS 20, Python 3.12 and OpenJDK/JRE 21
Adam Dawson, Principal Product Manager
October 11, 2023
Introducing Chainguard Images for Node.js LTS 20, Python 3.12 and OpenJDK/JRE 21
Product
Product
The haunting of CVE-2022-3474: A ghostly tale of package detection failure
John Speed Meyers, Principal Research Scientist
October 10, 2023
The haunting of CVE-2022-3474: A ghostly tale of package detection failure
Product
Security
Why Chainguard uses Grype as its first line of defense for CVEs
Dan Luhring, Staff Software Engineer
October 6, 2023
Why Chainguard uses Grype as its first line of defense for CVEs
Security
Security
Understanding attacker techniques in distroless containers
Adrian Mouat, Staff DevRel Engineer
October 5, 2023
Understanding attacker techniques in distroless containers
Security
Product
The haunting of CVE-2023-2454: A developer's nightmare
John Speed Meyers, Principal Research Scientist
October 3, 2023
The haunting of CVE-2023-2454: A developer's nightmare
Product
Open Source
Small octopus and a big idea: The story of how a one-year old Linux un-distro is improving the cloud’s software supply chain
Team Wolfi
September 27, 2023
Small octopus and a big idea: The story of how a one-year old Linux un-distro is improving the cloud’s software supply chain
Open Source
Product
Chainguard’s response to CVE-2023-4527 in glibc
Dan Luhring, Staff Software Engineer
September 25, 2023
Chainguard’s response to CVE-2023-4527 in glibc
Product
News
A growing ecosystem of vulnerability scanners that now support Chainguard Images and Wolfi
Kim Lewandowski, Chief Product Officer
September 21, 2023
A growing ecosystem of vulnerability scanners that now support Chainguard Images and Wolfi
News
Open Source
How to use Dockerfiles with wolfi-base images
Adrian Mouat, Staff DevRel Engineer
September 14, 2023
How to use Dockerfiles with wolfi-base images
Open Source
Product
An update on Chainguard Images FIPS Validation
Adam Dawson, Product Manager, Chainguard Images
September 13, 2023
An update on Chainguard Images FIPS Validation
Product
Open Source
Working with government and industry to put open source security tooling into practice
John Speed Meyers, Principal Research Scientist and Adolfo García Veytia, Staff Software Engineer
September 12, 2023
Working with government and industry to put open source security tooling into practice
Open Source
Research
Stemming the tide of false positive vulnerabilities
Trevor Dunlap, NCSU and Chainguard Intern, Zack Newman, Principal Research Scientist
September 11, 2023
Stemming the tide of false positive vulnerabilities
Research
Product
Announcing a Chainguard Image for OpenTF
Dan Lorenc, CEO
September 6, 2023
Announcing a Chainguard Image for OpenTF
Product
Product
Update for Chainguard Images users on HashiCorp license changes
Kim Lewandowski, Chief Product Officer
September 1, 2023
Update for Chainguard Images users on HashiCorp license changes
Product
Research
Making vulnerability data better for machines (and humans!) with OpenVEX: How Isovalent and Chainguard use OpenVEX
Feroz Salam, Isovalent and Adolfo García Veytia and John Speed Meyers, Chainguard
August 31, 2023
Making vulnerability data better for machines (and humans!) with OpenVEX: How Isovalent and Chainguard use OpenVEX
Research
Product
Announcing general availability for Chainguard Enforce for GitHub
Billy Lynch
August 29, 2023
Announcing general availability for Chainguard Enforce for GitHub
Product
Product
Securing the ML supply chain with new Chainguard AI Images
Dan Lorenc, CEO
August 24, 2023
Securing the ML supply chain with new Chainguard AI Images
Product
Product
When a picture is worth 306 CVEs: New image vulnerability comparisons in Chainguard Academy
Jamon Camisso, Developer Experience Engineer
August 23, 2023
When a picture is worth 306 CVEs: New image vulnerability comparisons in Chainguard Academy
Product
Product
Exploring new capabilities in the Chainguard Registry to enable secure and efficient container image management
Kim Lewandowski, Chief Product Officer
August 22, 2023
Exploring new capabilities in the Chainguard Registry to enable secure and efficient container image management
Product
Product
Chainguard Image now available for Zig
Dan Lorenc, CEO
August 18, 2023
Chainguard Image now available for Zig
Product
Product
Important updates for Chainguard Images public catalog users
Kim Lewandowski, Chief Product Officer
August 16, 2023
Important updates for Chainguard Images public catalog users
Product
Engineering
Fully bootstrapping Go from source in Wolfi
Ariadne Conill, Principal Software Engineer
August 11, 2023
Fully bootstrapping Go from source in Wolfi
Engineering
Security
What every CISO should know about the new SSDF security self-attestation form
Dan Lorenc, CEO; Christian Baer, Senior Associate and Sully Perella, Technical Director at Schellman
August 8, 2023
What every CISO should know about the new SSDF security self-attestation form
Security
News
Get in Chainguard, we’re going to fabulous Las Vegas!
Kaylin Trychon, VP of Marketing and External Affairs
August 4, 2023
Get in Chainguard, we’re going to fabulous Las Vegas!
News
The zero CVE challenge: Can official Docker Hub images pass the test?
Trevor Dunlap, Research Intern
August 3, 2023
The zero CVE challenge: Can official Docker Hub images pass the test?
Open Source
Can Protobom end the SBOM format wars?
Adolfo García Veytia, Staff OSS Engineer and John Speed Meyers, Principal Research Scientist
July 31, 2023
Can Protobom end the SBOM format wars?
Open Source
Open Source
wolfi-act: Dynamic GitHub Actions from Wolfi packages
Josh Dolistky, Staff Software Engineer
July 28, 2023
wolfi-act: Dynamic GitHub Actions from Wolfi packages
Open Source
Security
Fuzzy CVEs, tarfiles, and untrusted input
Dan Lorenc, CEO
July 27, 2023
Fuzzy CVEs, tarfiles, and untrusted input
Security
News
Elastic partners with Chainguard on Software Supply Chain security and SLSA assessment
Paul McCann, Principal Product Security Engineer at Elastic and Lewis Denham-Parry, Solutions Architect
July 26, 2023
Elastic partners with Chainguard on Software Supply Chain security and SLSA assessment
News
Engineering
Good MLOps is good ML supply chain security
Zachary Newman, Principal Research Scientist and Savin Goyal, CTO at Outerbounds
July 25, 2023
Good MLOps is good ML supply chain security
Engineering
Product
How Chainguard utilizes software signatures for supply chain security
Priya Wadhwa, Engineering Manager
July 19, 2023
How Chainguard utilizes software signatures for supply chain security
Product
Product
Introducing new SBOM features in Chainguard Enforce
Narayan Iyengar, Product Manager
July 19, 2023
Introducing new SBOM features in Chainguard Enforce
Product
Product
Introducing automatic vulnerability analysis features in Chainguard Enforce
Priya Wadhwa, Engineering Manager
July 19, 2023
Introducing automatic vulnerability analysis features in Chainguard Enforce
Product
Product
Chainguard announces availability of new SBOM, vulnerability analysis and software signing capabilities in Enforce
Kim Lewandowski, Chief Product Officer
July 19, 2023
Chainguard announces availability of new SBOM, vulnerability analysis and software signing capabilities in Enforce
Product
News
Chainguard named to inaugural Redpoint InfraRed 100
Kaylin Trychon, VP of Marketing and Communications
July 17, 2023
Chainguard named to inaugural Redpoint InfraRed 100
News
Product
How Chainguard fixes vulnerabilities before they're detected
Jason Hall, Software Engineer
July 14, 2023
How Chainguard fixes vulnerabilities before they're detected
Product
Engineering
OCI announces upcoming changes for registries
Josh Dolitsky, Staff Software Engineer
July 13, 2023
OCI announces upcoming changes for registries
Engineering
News
Advancing the use of memory safe programming languages
Kaylin Trychon, VP of Marking and Communications
July 12, 2023
Advancing the use of memory safe programming languages
News
News
Cleared for takeoff: Meeting TSA’s new cybersecurity requirements
Kaylin Trychon, VP of Marketing and Communications
July 10, 2023
Cleared for takeoff: Meeting TSA’s new cybersecurity requirements
News
Engineering
So you want to check image signatures in Kubernetes…?
Dan Lorenc, CEO
July 6, 2023
So you want to check image signatures in Kubernetes…?
Engineering
Product
Reproducing Chainguard’s reproducible image builds
Matt Moore, CTO
July 5, 2023
Reproducing Chainguard’s reproducible image builds
Product
News
Strengthening CI/CD Environments: Insights from NSA and DHS CISA guidance
Dan Lorenc, CEO
June 30, 2023
Strengthening CI/CD Environments: Insights from NSA and DHS CISA guidance
News
Product
Chainguard Image now available for Pulumi
Josh Dolitsky, Staff Software Engineer
June 29, 2023
Chainguard Image now available for Pulumi
Product
Product
A guide on how to use Chainguard Images for public catalog tier users
Adrian Mouat, Staff OSS Engineer
June 23, 2023
A guide on how to use Chainguard Images for public catalog tier users
Product
News
An enhanced Chainguard Academy learning experience
Lisa Tagliaferri, Senior Director of Developer Education
June 22, 2023
An enhanced Chainguard Academy learning experience
News
Engineering
The principle of minimalism
Jed Salazar, Solutions Architect and Matt Moore, CTO
June 22, 2023
The principle of minimalism
Engineering
Research
Ship software to Uncle Sam faster with zero-known vulnerability containers
John Speed Meyers, Principal Research Scientist
June 20, 2023
Ship software to Uncle Sam faster with zero-known vulnerability containers
Research
News
Government perspectives on software self-attestation requirements
Chainguard Team
June 15, 2023
Government perspectives on software self-attestation requirements
News
News
The importance of toolchain security in NIST's SSDF
Dan Lorenc, CEO
June 12, 2023
The importance of toolchain security in NIST's SSDF
News
Engineering
Designing build date epoch in Chainguard Images
Matt Moore, CTO
June 8, 2023
Designing build date epoch in Chainguard Images
Engineering
News
Celebrating 5 years of NTIA’s SBOM work
Dan Lorenc, CEO
June 7, 2023
Celebrating 5 years of NTIA’s SBOM work
News
Come see Chainguard (virtually) at Cloudsmith Unpacked on June 20!
Kim Lewandowski, Chief Product Officer
June 6, 2023
Come see Chainguard (virtually) at Cloudsmith Unpacked on June 20!
Engineering
Fully bootstrapping Java from source in Wolfi
Ariadne Conill, Principal Software Engineer and Josh Wolf, Software Engineer
June 2, 2023
Fully bootstrapping Java from source in Wolfi
Engineering
Research
Introducing "Speranza": Enhancing software signing with privacy and usability
Zachary Newman, Principal Research Scientist
May 30, 2023
Introducing "Speranza": Enhancing software signing with privacy and usability
Research
Product
Fortify, comply and conquer FedRAMP with Chainguard Images
Dan Lorenc, CEO
May 25, 2023
Fortify, comply and conquer FedRAMP with Chainguard Images
Product
Engineering
Building Chainguard's container image registry
Jason Hall, Software Engineer
May 23, 2023
Building Chainguard's container image registry
Engineering
Open Source
OSS security: Chainguard May 2023 update
Tracy Miranda, Head of Open Source
May 22, 2023
OSS security: Chainguard May 2023 update
Open Source
Product
Policy rollback and auditing with versions in Chainguard Enforce
Colin Douglas, Software Engineer and Katy Howard, Software Engineer
May 19, 2023
Policy rollback and auditing with versions in Chainguard Enforce
Product
Product
Scaling Chainguard Images with a growing catalog and proactive security updates
Kim Lewandowski, Chief Product Officer
May 18, 2023
Scaling Chainguard Images with a growing catalog and proactive security updates
Product
Product
Enhancing enterprise reliability features for Chainguard Enforce customers
Adam Dawson, Product Manager and Narayan Iyengar, Product Manager
May 11, 2023
Enhancing enterprise reliability features for Chainguard Enforce customers
Product
Security
How to explain the CISA software attestation requirements to your board
Dan Lorenc, CEO
May 5, 2023
How to explain the CISA software attestation requirements to your board
Security
Open Source
Meet Chainguard at Open Source Summit North America 2023 [May 10 – 12 in Vancouver]!
Tracy Miranda, Head of Open Source
May 5, 2023
Meet Chainguard at Open Source Summit North America 2023 [May 10 – 12 in Vancouver]!
Open Source
Research
Enforce against vulnerability sprawl with up-to-date images
John Speed Meyers, Principal Research Scientist
May 3, 2023
Enforce against vulnerability sprawl with up-to-date images
Research
News
Chainguard joins DHS S&T new startup cohort to strengthen software supply chain
Dan Lorenc, CEO
April 27, 2023
Chainguard joins DHS S&T new startup cohort to strengthen software supply chain
News
Engineering
Move over, Dockerfiles! The new way to craft containers
Jason Hall, Software Engineer and Zachary Newman, Principal Research Scientist
April 27, 2023
Move over, Dockerfiles! The new way to craft containers
Engineering
Open Source
Open source software takes center stage at RSA
Dan Lorenc, CEO
April 24, 2023
Open source software takes center stage at RSA
Open Source
Open Source
npm + Sigstore: Making Javascript secure by default
Tracy Miranda, Head of Open Source
April 19, 2023
npm + Sigstore: Making Javascript secure by default
Open Source
News
Chainguard and CNCF conduct SLSA assessments for Argo and Prometheus projects
James Petersen, Solutions Architect
April 19, 2023
Chainguard and CNCF conduct SLSA assessments for Argo and Prometheus projects
News
Open Source
Chainguard open sources new policy catalog for Sigstore policy-controller
Erin Glass, Product Manager and Ville Aikas, Distinguished Engineer
April 18, 2023
Chainguard open sources new policy catalog for Sigstore policy-controller
Open Source
News
Chainguard Images now available to government agencies on U.S. Air Force Platform One
Dan Lorenc, CEO
April 18, 2023
Chainguard Images now available to government agencies on U.S. Air Force Platform One
News
Product
Chainguard Image now available for prometheus
Dan Lorenc, CEO
April 14, 2023
Chainguard Image now available for prometheus
Product
News
Join Chainguard at KubeCon EU in Amsterdam April 19-21!
Sarah O'Rourke, Communications Director
April 13, 2023
Join Chainguard at KubeCon EU in Amsterdam April 19-21!
News
Product
It all started with a commit: Celebrating 6 years of Distroless
Dan Lorenc, CEO and Matt Moore, CTO
April 12, 2023
It all started with a commit: Celebrating 6 years of Distroless
Product
Product
Tired of searching through your scan results? Try the Chainguard OpenSearch Image
Dan Lorenc, CEO
April 7, 2023
Tired of searching through your scan results? Try the Chainguard OpenSearch Image
Product
Product
The role of attestations in a secure software supply chain
Zachary Newman, Principal Research Scientist
April 4, 2023
The role of attestations in a secure software supply chain
Product
Open Source
ICYMI: What's new in Chainguard Academy
Lisa Tagliaferri, Director of Developer Education
April 3, 2023
ICYMI: What's new in Chainguard Academy
Open Source
News
GitCommitted with your dream base image
Kirby Koo, Social and Community Relations
April 1, 2023
GitCommitted with your dream base image
News
Engineering
Are Kubernetes Validating Admission Policies the end of admission controllers?
Ville Aikas, Distinguished Engineer and Zachary Newman, Principal Research Scientist
March 31, 2023
Are Kubernetes Validating Admission Policies the end of admission controllers?
Engineering
Open Source
New Chainguard Academy tutorial: Cosign the manual way
Eddie Zaneski, Staff OSS Engineer
March 30, 2023
New Chainguard Academy tutorial: Cosign the manual way
Open Source
Open Source
Sigstore policy-controller 101
Erin Glass, Product Manager and Ville Aikas, Distinguished Engineer
March 29, 2023
Sigstore policy-controller 101
Open Source
Product
Chainguard Image now available for NATS
Dan Lorenc, CEO
March 27, 2023
Chainguard Image now available for NATS
Product
Open Source
Chainguard contributes Rekor Search project to Sigstore
Priya Wadhwa, Engineering Manager
March 24, 2023
Chainguard contributes Rekor Search project to Sigstore
Open Source
Products

Chainguard Images

Chainguard Services

Developer

Open source

Docs

Resources

Unchained blog

Chainguard Labs

Customer stories

Scanners

Security

Education

Company

About

Newsroom

Careers

Legal

Contact

Follow

Twitter

GitHub

LinkedIn

TikTok

© 2023 Chainguard, Inc.

Contact