Chainguard Blog
Featured posts
The State of Trusted Open Source: March 2026
AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Everything we announced at Chainguard Assemble 2026
Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.
Patrick Donahue, SVP, Product
Security insights delivered before they become problems
Latest updates
- engineering
Not All SBOMs Are Created Equal
Ariadne Conill, Principal Software Engineer
- news
Securing Software Repositories with the OpenSSF
Zachary Newman, Principal Research Scientist
- engineering
The principle of ephemerality
Matt Moore, CTO and Ville Aikas, Distinguished Engineer
- engineering
Intro to OCI Reference Types
Josh Dolitsky, Staff Software Engineer
- news
YOLO Levels: Insecure Your Software Supply Chain!
Dan Lorenc, CEO
- engineering
Zero security debt for container images is possible
Roxanne Joncas
- open source
4 Key Sigstore Takeaways: Recap of Twitter Space with Kelsey Hightower
Lisa Tagliaferri, Director of Developer Education
- security
How Sigstore Can Help You and Your Team Follow the NIST SSDF Recommendations
Lisa Tagliaferri, Director of Developer Education
- security
SLSA vs. Software Supply Chain Attacks
John Speed Meyers, Head of Chainguard Labs
- security
Building trust in our software supply chains with SLSA
Kim Lewandowski, Chief Product Officer
- security
Avoid hidden security debt with these container maintenance best practices
Ariadne Conill, Principal Software Engineer
- security
I Read NIST 800-218 So You Don’t Have To: Here’s What To Watch Out For
Dan Lorenc, CEO