Chainguard Blog
Featured posts
Chainguard Libraries for Python: Now Generally Available with CVE Remediation and Malware Protection
Chainguard Libraries for Python, trusted open source language libraries designed for CVE remediation and malware protection, is now generally available.
Bria Giordano, Director, Product Marketing, and Anushka Iyer, Product Marketing Manager
The State of Trusted Open Source: December 2025
Chainguard’s State of Trusted Open Source for December 2025 dives into usage trends for Chainguard Containers, CVE data, and why remediation speed matters.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Security insights delivered before they become problems
Latest updates
- security
I Read NIST 800-218 So You Don’t Have To: Here’s What To Watch Out For
Dan Lorenc, CEO
- open source
Knative is now a CNCF project, and why this matters for software security
Tracy Miranda, Head of Open Source
- news
Why Chainguard joined the Open Source Security Foundation
Roxanne Joncas
- engineering
Introducing apko: bringing distroless nirvana to Alpine Linux
Ariadne Conill, Principal Software Engineer
- security
Goodbye SDLC, Hello SSDF! What is the Secure Software Development Framework?
Tracy Miranda, Head of Open Source
- engineering
Automatic SBOMs with ko
Matt Moore, CTO
- open source
sigstore, the local way
Thomas Strömberg, Director of Security
- engineering
Keyless signing with Tekton on Amazon EKS
Priya Wadhwa, Engineering Manager
- engineering
Keyless signing with Tekton on AKS
Nghia Tran, Engineering Manager
- engineering
How to make package signing useful
John Speed Meyers, Principal Research Scientist
- engineering
How to verify cosigned container images In Amazon ECS
James Strong, Solutions Architect
- open source
How Citi is building the secure software factory with Sigstore and Tekton
Tracy Miranda, Head of Open Source