Chainguard Blog
Featured posts
The State of Trusted Open Source: March 2026
AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Everything we announced at Chainguard Assemble 2026
Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.
Patrick Donahue, SVP, Product
Security insights delivered before they become problems
Latest updates
- open source
Get started with Sigstore (Free Course!)
Chainguard Team
- engineering
Keyless Git commit signing with Gitsign and GitHub Actions
Billy Lynch, Staff Software Engineer
- news
Chainguard KubeCon EU 2022 Wrap Up
Chainguard Team
- security
The security costs of base image version loitering
John Speed Meyers, Ariadne Conill, Adrian Mouat
- news
Chainguard raises $50M in Series A to make software supply chain secure by default, introduces secure container base images
Chainguard, Inc.
- open source
Where Do I Sign? Step-by-step Sigstore Adoption
Jed Salazar
- security
Dealing with multiple SBOMs
Adolfo García Veytia, Staff OSS Engineer
- security
The Dirty Secret of Cybersecurity Standards
John Speed Meyers, Head of Chainguard Labs
- security
A Crash Course in Software Supply Chain Security
Zachary Newman
- engineering
Image sizes miss the point
Ariadne Conill, Principal Software Engineer
- news
A call to standardize on digital signatures for software security with Sigstore
Chainguard Team
- open source
Is Sigstore susceptible to psychic signatures? Sources say: sounds suspect
Zachary Newman, Principal Research Scientist