Chainguard Blog
Featured posts
Chainguard Libraries for Python: Now Generally Available with CVE Remediation and Malware Protection
Chainguard Libraries for Python, trusted open source language libraries designed for CVE remediation and malware protection, is now generally available.
Bria Giordano, Director, Product Marketing, and Anushka Iyer, Product Marketing Manager
The State of Trusted Open Source: December 2025
Chainguard’s State of Trusted Open Source for December 2025 dives into usage trends for Chainguard Containers, CVE data, and why remediation speed matters.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Security insights delivered before they become problems
Latest updates
- open source
Life of a Sigstore signature
Zachary Newman, Principal Research Scientist and Jed Salazar, Solutions Architect
- news
Sigstore is now generally available
Priya Wadhwa, Engineering Manager
- news
Chainguard at KubeCon North America: October 24-28!
Chainguard Team
- engineering
Is CVE-2022-42889 the next Log4Shell? Not really.
Ariadne Conill, Principal Software Engineer
- open source
Chainguard enthusiastically supports donating ko to CNCF
Jason Hall, Software Engineer
- research
Hunting malware on package repositories
Ly D. Vu, Zachary Newman, and John Speed Meyers
- research
What’s in the CNSA Suite, and who should care?
Zachary Newman, Principal Research Scientist
- security
Putting VEX to work
Adolfo García Veytia, Staff OSS Engineer
- news
What’s software supply chain security got to do with the State of DevOps Report? A Lot.
John Speed Meyers, Principal Research Scientist and Todd Kulesza (Google)
- engineering
What's new in SPDX 2.3?
Adolfo García Veytia
- news
Learn to build software that is secure by default with Chainguard Academy
Lisa Tagliaferri, Director of Developer Education
- product
Introducing Wolfi: The first Linux (un)distro designed for securing the software supply chain
Dan Lorenc, CEO