Chainguard Blog
Featured posts
The State of Trusted Open Source: March 2026
AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Everything we announced at Chainguard Assemble 2026
Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.
Patrick Donahue, SVP, Product
Latest updates
- engineering
Reflections on trusting VEX (or when humans can improve SBOMs)
Adolfo García Veytia, Staff OSS Engineer
- open source
7 reasons you should plan to adopt Sigstore in 2023
Tracy Miranda, Head of Open Source
- research
Software dark matter is the enemy of software transparency
John Speed Meyers, Adolfo Veytia, Dan Luhring, Zack Newman, and Santiago Torres-Arias
- news
Mitigating OpenSSL vulnerability with Chainguard
Dan Lorenc, CEO
- open source
Life of a Sigstore signature
Zachary Newman, Principal Research Scientist and Jed Salazar, Solutions Architect
- news
Sigstore is now generally available
Priya Wadhwa, Engineering Manager
- news
Chainguard at KubeCon North America: October 24-28!
Chainguard Team
- engineering
Is CVE-2022-42889 the next Log4Shell? Not really.
Ariadne Conill, Principal Software Engineer
- open source
Chainguard enthusiastically supports donating ko to CNCF
Jason Hall, Software Engineer
- research
Hunting malware on package repositories
Ly D. Vu, Zachary Newman, and John Speed Meyers
- research
What’s in the CNSA Suite, and who should care?
Zachary Newman, Principal Research Scientist
- security
Putting VEX to work
Adolfo García Veytia, Staff OSS Engineer