Chainguard Blog
Featured posts
The State of Trusted Open Source: March 2026
AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Everything we announced at Chainguard Assemble 2026
Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.
Patrick Donahue, SVP, Product
Latest updates
- open source
VEXed? Then Grype about it: Chainguard and Anchore announce Grype supports OpenVEX
Adolfo Veytia, Alex Goodman, Dan Luhring, and John Speed Meyers
- engineering
Conquering your Build Horizon
Matt Moore, CTO & Co-Founder
- security
Why Chainguard uses Grype as its first line of defense for CVEs
Dan Luhring, Staff Software Engineer
- security
Understanding attacker techniques in distroless containers
Adrian Mouat, Staff DevRel Engineer
- product
The haunting of CVE-2023-2454: A developer's nightmare
John Speed Meyers, Principal Research Scientist
- open source
Small octopus and a big idea: The story of how a one-year old Linux un-distro is improving the cloud’s software supply chain
Team Wolfi
- product
Chainguard’s response to CVE-2023-4527 in glibc
Dan Luhring, Staff Software Engineer
- news
A growing ecosystem of vulnerability scanners that now support Chainguard Images and Wolfi
Kim Lewandowski, Chief Product Officer
- open source
How to use Dockerfiles with wolfi-base images
Adrian Mouat, Staff DevRel Engineer
- product
An update on Chainguard Images FIPS Validation
Adam Dawson, Product Manager, Chainguard Images
- open source
Working with government and industry to put open source security tooling into practice
John Speed Meyers, Principal Research Scientist and Adolfo García Veytia, Staff Software Engineer
- research
Stemming the tide of false positive vulnerabilities
Trevor Dunlap, NCSU and Chainguard Intern, Zack Newman, Principal Research Scientist