Sign inContact usTry it out
Sign inContact usTry it out

Celebrating innovation in open source software and container image security with Chainguard Images

Kim Lewandowski, Chief Product Officer
  •  
November 1, 2023
The Case for Farm-to-Table Package Signing

Over the past year, Chainguard has expanded its Images inventory, reaching over one million image builds, to offer developers the freedom to build secure software with the tools and applications they know and love. 

With Chainguard Images, we have designed a first-of-its-kind approach in the market to address container image security and secure open source software development, which are foundational components of securing the software supply chain. The road to product-market-fit is not defined, it is forged. And we have learned a lot refining our approach to building secure images as both a reliable and scalable enterprise product and open source community solution. Our Series B fundraising round further reinforces that we are on the right path, addressing the right open source and software supply chain security problems development and security teams face today. 

Chainguard Images – which started as an experiment – has now helped organizations from the private and public sectors see a 97.6% reduction in CVEs and eliminate entire classes of vulnerabilities within their software supply chain. Chainguard Images are trusted by Snowflake, Hewlett Packard Enterprise, Sourcegraph, GitGuardian, Replicated, the United States Air Force Platform One Iron Bank and more. 

Off the shelf, Chainguard Images offer: 

  • a large inventory of popular build and development tools, applications, middleware, and language runtimes,
  • a highly performant, more secure Container Image Registry that features passwordless, short-lived token-based authentication,
  • and critical software supply chain security requirements like Software Bill of Materials (SBOMs) and verified software signatures by Sigstore.

Thank you to our customers and open source adopters 

To our early adopter customers and open source projects, thank you for believing in the benefits Chainguard Images have to offer from day one. Jumping to new solutions that haven’t been done before and moving to the bleeding-edge of technology is a big step, but we’ve found a way to make living on this edge stable, reliable and secure. 

To-date, Chainguard Images have been pulled over 90 million times. We now also have more than 200 applications in our inventory, with over a million image builds. 

We also pride ourselves in open source software principles. This is why we are committed to maintaining a free, public tier of Chainguard Images for all developers and open source maintainers to benefit from into the future. 

Enterprise-ready capabilities and features 

What started as a secret project quickly turned into a way for Chainguard to revolutionize the way organizations address vulnerabilities and maintain the open source software they consume. Over the past year, we have rolled out many enterprise-ready capabilities and features across the Chainguard Images product suite, including: 

  • Tag History and Image Diff APIs:These features help enterprises understand the difference between Image builds, so they can see the speed and comprehensive updates occurring within their Chainguard Images and help determine when to update to the latest version.
  • Vulnerability comparisons: Users can now search known vulnerabilities and compare external images alongside Chainguard Images in Chainguard Academy.Enterprise user management enhancements: Building user management features with the tools and platforms customers are already using is critical for helping organizations unlock the benefits of Chainguard faster. We’ve enabled organizations to integrate with Chainguard using their internal enterprise identity platform provider (IdP) like Okta, Ping, Azure AD and more via OIDC workflows. We also heard feedback from customers about their need to standardize on Terraform. The Chainguard Terraform provider is now certified and publicly available for Chainguard Images to allow for greater ability to manage accounts, users, and access permissions at scale. These user management features in Chainguard Images offer enterprises more organizational control, flexibility, and security over their accounts.
  • Cloud Marketplace expansion: Chainguard Images are now available in the AWS Marketplace. The availability of these listings makes it easier for organizations using AWS to discover, purchase, and deploy Chainguard Images in their environments or leverage existing spend and credit commits towards their Chainguard Images usage.
  • Enterprise and open source scanner support: Leading scanners like Grype, Prisma Cloud, Snyk, Trivy, and Wiz now support scans within Chainguard Images and Wolfi. This growing ecosystem of scanner support enables our Chainguard Images customers and community users to continue leveraging the tools and workflows they use today for monitoring and prioritizing vulnerability scan results.
  • Enterprise SLAs: We provide Chainguard Images customers with an SLA on vulnerability remediation for vulnerabilities detected by scanners. This means that if an update is available for one of our Images, we'll apply it within a specified timeframe, ensuring that our Images remain free of known vulnerabilities and that our customers can deploy with confidence quickly. This dramatically limits noise from your scanners, so when CVEs do show up, you can be confident that they’re real and need attention. This saves your team time triaging vulnerabilities so they can focus on business priorities and innovation.

The future to a frictionless FIPS and FedRAMP journey

Achieving zero-known, High/Critical vulnerabilities in container environments is a requirement for meeting or maintaining certifications for most of today’s widely-required compliance frameworks, such as FedRAMP, StateRAMP, PCI, PCI DSS, and SOC2.

The compliance use cases for Chainguard Images have received exceptional response from the market and existing customers. If you are looking for a hardened container solution that can help you reach your FedRAMP goals, Chainguard Images is the answer. Today, we provide a number of FIPS-enabled base images for popular language ecosystems and applications. We also work with customers to create FIPS-ready images for their specific application needs. With Chainguard Images, which are continuously patched and rebuilt daily for security, you can seamlessly meet rigorous compliance vulnerability scanning requirements for container security.

We’re just getting started… 

It’s true, Chainguard Images has come a long way since its early days, but our work is just beginning. With the infusion of new funding, we are going to continue elevating the user experience through real-time security advisories and vital information on vulnerability remediation and updates for OSS software. This encompasses end-of-life notifications and the introduction of new versions.

We also are focused on expanding our ecosystem from product integrations to strategic partnerships that will help make adopting and purchasing Chainguard Images seamless for organizations of all sizes and across all industries. 

We’d also be remiss if we didn’t mention further expanding our inventory of Chainguard Images. We are adding new images daily and the list is limitless for what we will build next. If you have an image that you would like to use that is not currently in our inventory, let us know.

As container adoption becomes ubiquitous across the industry, the Chainguard Images solution is one of the best ways to support and secure the next generation of container and cloud-native application development.

Reflecting on Chainguard’s remarkable journey over the past two years, it's evident that our commitment to securing the software supply chain has gained traction. We'd like to thank everyone who has joined us on this incredible journey. If you are interested in joining our team, partnering with us, or would like to try one of our Chainguard Images, please reach out

The Case for Farm-to-Table Package Signing

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

More articles

New Images guides on Chainguard Academy!

Mark Drake, Staff Technical Writer
  •  
December 5, 2023

AWS Inspector Adds Support for Chainguard Images

Kaylin Trychon, Vice President of Marketing
  •  
November 30, 2023

Into The Deep: Exploring Chainguard Container Images

Matt Moore, CTO
  •  
November 29, 2023

Don’t break the chain – secure your supply chain today!

Contact us
Please direct security disclosures or questions about our bug bounty program to security@chainguard.dev
Copyright 2022
BlogCareersLegalTerms

Sign up for our newsletter

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Unchained
Products
Chainguard Images
Reduce your attack surface with minimal, distroless images.
Chainguard Services
Infrastructure, configuration, and compliance assessment.
Developer
Resources
Company
Contact
Back
Docs
Open source
Back
Unchained blog
Chainguard labs
Customer stories
Education
Back
About
Newsroom
Careers
Back
About
Newsroom
Careers
Product

Celebrating innovation in open source software and container image security with Chainguard Images

Kim Lewandowski, Chief Product Officer
November 1, 2023
copied

Over the past year, Chainguard has expanded its Images inventory, reaching over one million image builds, to offer developers the freedom to build secure software with the tools and applications they know and love. 

With Chainguard Images, we have designed a first-of-its-kind approach in the market to address container image security and secure open source software development, which are foundational components of securing the software supply chain. The road to product-market-fit is not defined, it is forged. And we have learned a lot refining our approach to building secure images as both a reliable and scalable enterprise product and open source community solution. Our Series B fundraising round further reinforces that we are on the right path, addressing the right open source and software supply chain security problems development and security teams face today. 

Chainguard Images – which started as an experiment – has now helped organizations from the private and public sectors see a 97.6% reduction in CVEs and eliminate entire classes of vulnerabilities within their software supply chain. Chainguard Images are trusted by Snowflake, Hewlett Packard Enterprise, Sourcegraph, GitGuardian, Replicated, the United States Air Force Platform One Iron Bank and more. 

Off the shelf, Chainguard Images offer: 

  • a large inventory of popular build and development tools, applications, middleware, and language runtimes,
  • a highly performant, more secure Container Image Registry that features passwordless, short-lived token-based authentication,
  • and critical software supply chain security requirements like Software Bill of Materials (SBOMs) and verified software signatures by Sigstore.

Thank you to our customers and open source adopters 

To our early adopter customers and open source projects, thank you for believing in the benefits Chainguard Images have to offer from day one. Jumping to new solutions that haven’t been done before and moving to the bleeding-edge of technology is a big step, but we’ve found a way to make living on this edge stable, reliable and secure. 

To-date, Chainguard Images have been pulled over 90 million times. We now also have more than 200 applications in our inventory, with over a million image builds. 

We also pride ourselves in open source software principles. This is why we are committed to maintaining a free, public tier of Chainguard Images for all developers and open source maintainers to benefit from into the future. 

Enterprise-ready capabilities and features 

What started as a secret project quickly turned into a way for Chainguard to revolutionize the way organizations address vulnerabilities and maintain the open source software they consume. Over the past year, we have rolled out many enterprise-ready capabilities and features across the Chainguard Images product suite, including: 

  • Tag History and Image Diff APIs:These features help enterprises understand the difference between Image builds, so they can see the speed and comprehensive updates occurring within their Chainguard Images and help determine when to update to the latest version.
  • Vulnerability comparisons: Users can now search known vulnerabilities and compare external images alongside Chainguard Images in Chainguard Academy.Enterprise user management enhancements: Building user management features with the tools and platforms customers are already using is critical for helping organizations unlock the benefits of Chainguard faster. We’ve enabled organizations to integrate with Chainguard using their internal enterprise identity platform provider (IdP) like Okta, Ping, Azure AD and more via OIDC workflows. We also heard feedback from customers about their need to standardize on Terraform. The Chainguard Terraform provider is now certified and publicly available for Chainguard Images to allow for greater ability to manage accounts, users, and access permissions at scale. These user management features in Chainguard Images offer enterprises more organizational control, flexibility, and security over their accounts.
  • Cloud Marketplace expansion: Chainguard Images are now available in the AWS Marketplace. The availability of these listings makes it easier for organizations using AWS to discover, purchase, and deploy Chainguard Images in their environments or leverage existing spend and credit commits towards their Chainguard Images usage.
  • Enterprise and open source scanner support: Leading scanners like Grype, Prisma Cloud, Snyk, Trivy, and Wiz now support scans within Chainguard Images and Wolfi. This growing ecosystem of scanner support enables our Chainguard Images customers and community users to continue leveraging the tools and workflows they use today for monitoring and prioritizing vulnerability scan results.
  • Enterprise SLAs: We provide Chainguard Images customers with an SLA on vulnerability remediation for vulnerabilities detected by scanners. This means that if an update is available for one of our Images, we'll apply it within a specified timeframe, ensuring that our Images remain free of known vulnerabilities and that our customers can deploy with confidence quickly. This dramatically limits noise from your scanners, so when CVEs do show up, you can be confident that they’re real and need attention. This saves your team time triaging vulnerabilities so they can focus on business priorities and innovation.

The future to a frictionless FIPS and FedRAMP journey

Achieving zero-known, High/Critical vulnerabilities in container environments is a requirement for meeting or maintaining certifications for most of today’s widely-required compliance frameworks, such as FedRAMP, StateRAMP, PCI, PCI DSS, and SOC2.

The compliance use cases for Chainguard Images have received exceptional response from the market and existing customers. If you are looking for a hardened container solution that can help you reach your FedRAMP goals, Chainguard Images is the answer. Today, we provide a number of FIPS-enabled base images for popular language ecosystems and applications. We also work with customers to create FIPS-ready images for their specific application needs. With Chainguard Images, which are continuously patched and rebuilt daily for security, you can seamlessly meet rigorous compliance vulnerability scanning requirements for container security.

We’re just getting started… 

It’s true, Chainguard Images has come a long way since its early days, but our work is just beginning. With the infusion of new funding, we are going to continue elevating the user experience through real-time security advisories and vital information on vulnerability remediation and updates for OSS software. This encompasses end-of-life notifications and the introduction of new versions.

We also are focused on expanding our ecosystem from product integrations to strategic partnerships that will help make adopting and purchasing Chainguard Images seamless for organizations of all sizes and across all industries. 

We’d also be remiss if we didn’t mention further expanding our inventory of Chainguard Images. We are adding new images daily and the list is limitless for what we will build next. If you have an image that you would like to use that is not currently in our inventory, let us know.

As container adoption becomes ubiquitous across the industry, the Chainguard Images solution is one of the best ways to support and secure the next generation of container and cloud-native application development.

Reflecting on Chainguard’s remarkable journey over the past two years, it's evident that our commitment to securing the software supply chain has gained traction. We'd like to thank everyone who has joined us on this incredible journey. If you are interested in joining our team, partnering with us, or would like to try one of our Chainguard Images, please reach out

Related articles
Product
Into The Deep: Exploring Chainguard Container Images
November 29, 2023
Product
The Incremental Path to Container Images: Chainguard Images
November 28, 2023
Product
Chainguard announces new Sigstore images to bring critical software supply chain tooling to enterprises
November 14, 2023
Products

Chainguard Images

Chainguard Services

Developer

Open source

Docs

Resources

Unchained blog

Chainguard Labs

Customer stories

Scanners

Security

Education

Company

About

Newsroom

Careers

Legal

Contact

Follow

Twitter

GitHub

LinkedIn

TikTok

© 2023 Chainguard, Inc.

Contact