Chainguard Blog
Featured posts
The State of Trusted Open Source: March 2026
AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Everything we announced at Chainguard Assemble 2026
Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.
Patrick Donahue, SVP, Product
Security insights delivered before they become problems
Latest updates
- security
Don’t overlook the boardroom benefits of a secure software supply chain
Kim Lewandowski, Chief Product Officer
- security
What your scanner doesn't know **Can** hurt you
Dan Lorenc, CEO
- security
A toolbox for a secure supply chain
Marina Moore, Summer Intern
- news
There's no such thing as vulnerability-free software, it simply doesn't exist… yet
Dan Lorenc, CEO
- security
Implementing Secure Software Supply Chain Security Controls: Understanding NIST SSDF & SLSA Frameworks
Jason Lutz, Customer Engineer
- security
Sigstore for CISOs
John Speed Meyers, Principal Research Scientist and John Osborne, Principal Sales Engineer
- engineering
Secure your software factory with melange and apko
Josh Dolitsky, Staff Software Engineer
- news
Let's stop insecure software from eating the world
Dan Lorenc, CEO
- engineering
Minimal container images: Towards a more secure future
Adrian Mouat, Staff OSS Engineer
- research
Do the dependency trees of widely used packages grow?
John Speed Meyers, Zachary Newman, Jacobo McGuire, Marina Moore
- open source
We applaud PyPI steps to make Python more secure
Dan Lorenc, CEO
- open source
Transparently immutable tags using Sigstore's Rekor
Jason Hall, Software Engineer