Chainguard Blog
Featured posts
The State of Trusted Open Source: March 2026
AI is accelerating software and CVE growth. Chainguard’s latest report shows rising risk in the long tail and how teams can stay secure at scale.
Ed Sawma, VP of Product Marketing, and Sasha Itkis, Product Analyst
Everything we announced at Chainguard Assemble 2026
Catch up on all the announcements Chainguard made at Assemble 2026, featuring AI agent skills, CI/CD workflows, and more.
Patrick Donahue, SVP, Product
Security insights delivered before they become problems
Latest updates
- engineering
Zero security debt for container images is possible
Roxanne Joncas
- open source
4 Key Sigstore Takeaways: Recap of Twitter Space with Kelsey Hightower
Lisa Tagliaferri, Director of Developer Education
- security
How Sigstore Can Help You and Your Team Follow the NIST SSDF Recommendations
Lisa Tagliaferri, Director of Developer Education
- security
SLSA vs. Software Supply Chain Attacks
John Speed Meyers, Head of Chainguard Labs
- security
Building trust in our software supply chains with SLSA
Kim Lewandowski, Chief Product Officer
- security
Avoid hidden security debt with these container maintenance best practices
Ariadne Conill, Principal Software Engineer
- security
I Read NIST 800-218 So You Don’t Have To: Here’s What To Watch Out For
Dan Lorenc, CEO
- open source
Knative is now a CNCF project, and why this matters for software security
Tracy Miranda, Head of Open Source
- news
Why Chainguard joined the Open Source Security Foundation
Roxanne Joncas
- engineering
Introducing apko: bringing distroless nirvana to Alpine Linux
Ariadne Conill, Principal Software Engineer
- security
Goodbye SDLC, Hello SSDF! What is the Secure Software Development Framework?
Tracy Miranda, Head of Open Source
- engineering
Automatic SBOMs with ko
Matt Moore, CTO