December 3, 2025

Doing our best work: Chainguard’s engineering principles in practice

Dustin Kirkland, SVP of Engineering

At Chainguard, we often say our mission is to make open source software trustworthy by default. But that mission only becomes reality through how we work — the culture, practices, and values that guide every engineer here. That’s why, over two years ago, the Engineering team set out to document what it really means to do our best work. The result is something we call our Engineering Principles — four deceptively simple ideas that shape how we design, build, and operate everything we produce.

These aren’t just words on a slide or a poster in a (virtual) hallway. They’re living principles. They’re what we use to measure ourselves, challenge ourselves, and even argue with ourselves — in architecture reviews, in design discussions, in incident postmortems. Twice a year, our Principal Engineers (and yes, I personally delight in the play on words there — our principles and our principals) lead a peer-nomination process to recognize four engineers who best embody these ideals. Those awards are our way of saying, “This is what great engineering looks like at Chainguard.”

Let me walk you through what each of these principles means to us — and how we live them every day.

1. Reduce complexity

Eliminate silos. De-duplicate redundancy. Deprecate outdated infrastructure. Eradicate the unnecessary. Utilize platforms. Standardize on reusable components.

Complexity is the enemy of reliability, scalability, and security — and in our world, those three things are non-negotiable. When we say “reduce complexity,” it’s not a call for oversimplification; it’s a call for clarity and intentionality. Every engineer at Chainguard has the responsibility to look at the systems we build and ask: What can we remove? What can we simplify? What can we automate?

We eliminate silos because security isn’t a team — it’s a shared responsibility. We de-duplicate redundancy because we know that two slightly different versions of anything are two potential failure points. We deprecate outdated infrastructure and eliminate unnecessary elements to keep our focus sharp and our attack surface small. We build platforms that let us scale securely. And we standardize on reusable components because that’s how small teams build big things quickly and safely.

2. Empower individuals

Reduce friction. Unblock contribution. Enable self-service. Reward ownership. Trust one another.

Every Chainguard engineer is an owner. That’s not a metaphor — it’s a mindset. Empowering individuals means providing everyone with the tools, context, and autonomy to ship safely and confidently.

Reducing friction and unblocking contribution is a design problem, not a process one. So we invest in platforms and automation that make it easier to do the right thing — whether that’s merging a PR, deploying a service, or rotating a key. We enable self-service because bottlenecks don’t scale. And when someone takes ownership of a system, we trust them to make the right trade-offs — and we reward that trust.

In my role, I see this every day: engineers helping each other, sharing hard-earned lessons, and unblocking their teammates — not because they were told to, but because empowerment is contagious.

3. Engineer the value proposition

Build complete solutions. Innovate where it matters. Differentiate with proprietary technology. Source commodity tools.

At Chainguard, we’re not just building software; we’re engineering trust. “Engineer the value proposition” means that every decision we make should connect directly back to how we deliver value — to our users, our customers, and the broader open source ecosystem.

We build complete solutions, not just components. We innovate where it truly matters — in securing the software supply chain, advancing provenance, and making the secure path the easiest one. And where the solution already exists as a commodity tool, we source it — because reinventing the wheel isn’t innovation, it’s distraction.

Our differentiators are the technology and experiences that make Chainguard unique — from our secure-by-default container images to our signature transparency and open collaboration model. That’s the heart of our value proposition.

4. Ensure production excellence

Design for the future. Implement for the present. Architect for scalability, reliability, simplicity, and observability. Automate for speed, safety, efficiency, and security.

We take “production excellence” seriously because our customers depend on us in the most critical parts of their infrastructure. For us, that means balancing long-term vision with short-term execution — designing for the future while implementing for the present.

We architect for scalability and reliability so our systems can handle growth gracefully. We aim for simplicity and observability because opaque systems fail silently — and we can’t secure what we can’t see. And we automate for speed, safety, efficiency, and security because in our world, speed and security are not opposites; they’re partners.

Every deploy, every build, every alert — it all reflects our pursuit of production excellence. It’s how we earn and keep the trust of our customers.

Principles and principals

One of my favorite Chainguard traditions is our twice-yearly Engineering Principles Awards. Our Principal Engineers — the senior-most technical leaders — review nominations from across the organization, choosing four engineers who most fully embody each principle. It’s a celebration of craftsmanship, collaboration, and consistency.

And it’s also a mirror. These awards challenge each of us to ask: Am I reducing complexity? Am I empowering others? Am I engineering for value? Am I delivering excellence in production?

Those questions drive us forward, and they make Chainguard a better place to build — and a better partner to work with.