An enhanced Chainguard Academy learning experience
Getting up to speed with the evolving software security landscape can be challenging even for those who have been in the technology industry for years. We built Chainguard Academy and packed it with educational resources so that everyone can set themselves up for success in the field. Today, we re-launched Academy with an improved user experience and fresh look to support both new learners starting their security journey and seasoned professionals who are seeking to understand the newest security technologies.
We had a few guiding principles behind the Chainguard Academy redesign:
How can we quickly deliver a high-level understanding on software security topics?
How can we improve documentation discoverability to ensure that developers have everything they need to be successful?
How can we compel those who are “security-curious” to learn more about software supply chain security and thus make software safer for everyone?
From these questions, we have created a landing page with more avenues for exploration, improved navigation experiences site-wide and on individual articles, and new topic pages that surface many of the important resources you’ll need to ramp up.
Our Education repository is open source, and we invite feedback as we will continue to iterate on Chainguard Academy.
New security resources
The team has also been hard at work developing new educational material. We’d like to share with you some of the new highlights.
With the recent SLSA v1.0 release, follow our up-to-date SLSA guide to learn all you need to know so that your organization can effectively leverage this important framework for software supply chain security best practices.
The National Institute of Standards and Technology’s (NIST) Secure Software Development Framework (SSDF) can be hard to find and read in PDF format. We’ve put the most important resources into handy tables on Chainguard Academy:
CISA Secure Software Development Attestation Form (Draft) — Comments are due June 26
We are continuously adding to our resource libraries on SBOMs, apko, Wolfi, and more, so be sure to check back in often for new updates.
Product documentation updates
We are continuously building out product documentation for Chainguard Images and Chainguard Enforce.
If you’d like to use minimal and frequently updated container images that have a lower attack surface, you can use our docs to learn more about Chainguard Images. We now have the Chainguard Registry to pull down Images, which you can read about in our growing catalog of Chainguard Registry Docs. We also recently released an API to review the tag history of Images, which you can learn how to use in the Using the Tag History API article.
Minimalist container images sometimes need a different approach when debugging, so we have written a guide on Debugging Distroless Images so you can explore your options and find a strategy that works for you and your organization. We also have been adding CVE comparisons for popular Images, which are now available in the Images Overview guides. You can check out Go and Ruby, for example.
Chainguard Enforce now has documentation on how to use Assumable Identities so that a workload can carry out tasks without manual supervision. We have a few guides on this with different pipelines, so check out:
Using CloudEvents with Chainguard Enforce can ensure that your team is responding to policy violations and other issues that come up in real time. Instead of needing to manually create an issue or alert, you can use CloudEvents to create Jira issues, GitHub issues, and Slack alerts.
Star our repo or bookmark our site to stay up to date with Chainguard Academy for the latest product updates, open source tooling, software security educational resources, and deep dive tutorials!
Share this article
Related articles
- News
Chainguard Joins IBM PDE Factory to Advance Trusted Open Source Software for Public Sector Missions
Chainguard joins IBM’s PDE Factory to deliver secure, zero-CVE containers for government agencies, accelerating compliance, modernization, and innovation.
Tom White, Senior Director, Public Sector Partnerships
- News
Chainguard + Booz Allen: Delivering Trusted Open-Source Software to U.S. Government Agencies
Chainguard and Booz Allen partner to help federal programs eliminate vulnerabilities, save engineering time, and accelerate compliance timelines.
Tom White, Senior Director, Public Sector Partners
- News
Chainguard Named on the Cloud 100 and a Best Workplace in 2025
Chainguard has been recognized by the Forbes Cloud 100, Fortune Best Workplaces in Technology, and received a Great Place to Work certification.
Liz Egan, Chief Marketing Officer
- News
The Chainguard Slack Community is Here!
Chainguard has created a Slack community to foster a direct connection with the team, engage with your peers, and get the latest updates on Chainguard news.
Kirby Koo, Corporate Marketing
- News
Exploring the Chainguarden at Black Hat USA 2025
See what Chainguard was up to at Black Hat USA 2025, from a garden-themed booth to several engaging activations with organizations like Vanta and Orca Security.
Courtney Bennett, Director, Strategic Events
- News
Scaling Trust Through Partnership: Introducing the Chainguard Partner Program
The Chainguard Partner Program is a global initiative to empower our channel partners to deliver trusted open source software to customers around the world.
Dirk de Vos, Senior Partner Manager, Mat Thomas, Senior Partner Manager, Rob Baumhardt, Senior Director, Channels, and Rob Finn, VP of International Sales