Chainguard Blog
Featured posts
The State of Trusted Open Source: March 2026
AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Everything we announced at Chainguard Assemble 2026
Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.
Patrick Donahue, SVP, Product
Security insights delivered before they become problems
Latest updates
- news
Introducing Chainguard Labs: An update on an open, living software supply chain compromises dataset and new SBOM research efforts
John Speed Meyers and Zachary Newman, Principal Research Scientists
- news
Our 2023 technology trends & predictions for software security
Chainguard Team
- open source
The archiving of the Gorilla Web Toolkit: A tale of two software security risks
Dan Luhring, Staff Software Engineer and Eddie Zaneski, Staff OSS Engineer
- product
ICYMI: Our Chainsmas spaces recap
Chainguard Team
- security
Software supply chain security: Broader than SolarWinds and Log4J
Dan Lorenc, CEO
- security
Principles for secure software distribution: Lessons from leaked Android platform signing keys
Zachary Newman, Principal Research Scientist
- research
Securing the machine learning supply chain
Zachary Newman, Principal Research Scientist
- engineering
Reflections on trusting VEX (or when humans can improve SBOMs)
Adolfo García Veytia, Staff OSS Engineer
- open source
7 reasons you should plan to adopt Sigstore in 2023
Tracy Miranda, Head of Open Source
- research
Software dark matter is the enemy of software transparency
John Speed Meyers, Adolfo Veytia, Dan Luhring, Zack Newman, and Santiago Torres-Arias
- news
Mitigating OpenSSL vulnerability with Chainguard
Dan Lorenc, CEO
- open source
Life of a Sigstore signature
Zachary Newman, Principal Research Scientist and Jed Salazar, Solutions Architect