Products
ProDUCtS
Chainguard Images New

Images are our security-first container base images.

Chainguard Enforce Beta

Enforce is a supply chain security solution for containerized workloads.

Professional Services

We can provide live and written training on supply chain security, the SLSA Framework and Sigstore.

Featured
All About That Base Image

Read our latest research paper on base image security.

View whitepaper
Community
Resources
CHAINGUARD RESOURCES
Whitepapers New

Complex software supply chain security
topics explained.

Customer Case Study

Read our case study with Block

Chainguard LabsNew

Original research on open source software and software supply chain security

Blog

Learn about software supply chain security from our experts.

NOW AVAILABLE
Chainguard Academy

Learning starts here
Company
PrivacyTerms
Sign inContact usGet a demo
Sign inContact usTry it out
Products
ProDUCtS
Chainguard Images New

Images are our security-first container base images.

Chainguard Enforce Beta

Enforce is a supply chain security solution for containerized workloads.

Professional Services

We can provide live and written training on supply chain security, the SLSA Framework and Sigstore.

Featured
All About That Base Image

Read our latest research paper on base image security.

View whitepaper
Community
Resources
CHAINGUARD RESOURCES
Whitepapers New

Complex software supply chain security
topics explained.

Customer Case Study

Read our case study with Block

Chainguard LabsNew

Original research on open source software and software supply chain security

Blog

Learn about software supply chain security from our experts.

NOW AVAILABLE
Chainguard Academy

Learning starts here
Company
PrivacyTerms
Sign inContact usGet a demo
Sign inContact usTry it out

WTF is Chainguard ?

Tracy Miranda
  •  
January 21, 2022
Tweet
The Case for Farm-to-Table Package Signing

Chainguard is a 3-month start up in the software supply chain security industry. The mission of Chainguard is to make the software lifecycle secure by default.

Sounds kinda vague. Do you have a product?

No. Not yet. We have some exciting ideas though, and are working on them right now!

Do you offer consulting services?

No. Not quite. We are working with a small set of companies and open source projects to gain a deeper understanding of the problem space first. Those interested can sign up here.

Why all the hype?

Software has eaten the world, but unfortunately software breaches hit record highs in 2021. As a result securing the software supply chain has leapt to the top of every company’s imperatives for 2022 - oh and the White house cares too.

Chainguard is responding by building a team with amazing folks who truly understand open source - not least because they have helped create amazing projects like minikube, knative, sigstore and tekton. To match the stunning pace the industry needs to move at, we’ve grown to  a team of 15 and counting.

How will you solve problems in this space?

We don’t have all the answers yet but we do know that supply chain security *is* open source security. Organizations not only have to worry about their internal software supply-chains, but are also vastly dependent on and incur the risk of open source they rely on and other vendors' supply chains. The entire practice of transferring code or artifacts relies on strict interoperability - so any solutions to supply-chain security must be open source. The sigstore project is one of the most rapidly adopted projects in the space.

WTF is sigstore? Is anybody using it?

Sigstore is a new standard for signing, verifying and protecting software. This week alone sigstore has been adopted by:

  • AWS
  • Arch Linux
  • Apache Maven docker images
  • Kubernetes Release
The Case for Farm-to-Table Package Signing

Lorem ipsum dolor sit amet, consectetur adipiscing elit. Suspendisse varius enim in eros elementum tristique. Duis cursus, mi quis viverra ornare, eros dolor interdum nulla, ut commodo diam libero vitae erat. Aenean faucibus nibh et justo cursus id rutrum lorem imperdiet. Nunc ut sem vitae risus tristique posuere.

More articles

Chainguard Image Now Available for NATS

Dan Lorenc
  •  
March 27, 2023

Chainguard contributes Rekor Search Project to Sigstore

Priya Wadhwa
  •  
March 24, 2023

5 Capabilities in Chainguard Enforce You Don’t Want to Miss (Your Security Team Will LOVE #4)

Adam Dawson
  •  
March 23, 2023

Don’t break the chain – secure your supply chain today!

Contact us

Chainguard

Please direct security disclosures or questions about our bug bounty program to security@chainguard.dev
Copyright 2022
BlogCareersLegalTerms

Sign up for our newsletter

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

Chainguard uses cookies to improve your experience and analyze traffic. By using our website, you agree to our privacy policy and our cookie policy.

Accept