People Listen to People, Not Brands
Here are real developers and security professionals who are fans of Chainguard Images!
Eldad Stinbook
Cloud & Security Champion | DevOps & DevSecOps Extraordinaire | Driving Innovation, Efficiency & Trust in Cloud Solutions | FedRAMP Expert Delivering High-Impact Results | Neighbourhood Cat Feeder and Dog Lover
While I typically shy away from commercial tools, Chainguard (https://lnkd.in/eYRdZjPr) is a game-changer for FedRAMP compliance. When it comes to tackling the beast of secure Docker images, these folks are the heavy lifters you need in your corner. For anyone wrestling with FedRAMP, Chainguard isn't just a nice-to-have – it's your secret weapon. They make the impossible possible in managing truly secure Docker images. Don't even think about FedRAMP without putting Chainguard on your shortlist!
#CloudComputing #DevOps #Kubernetes #FedRAMP #CICD #InfrastructureAsCode #Monitoring #Logging #Containers #SecOps #CloudSolutions #FinOps
Disclaimer: I have no affiliation with this company whatsoever.
Mackenzie Jackson
Developer and Security Advocate | DevRel @GitGuardian | Host @ The Security Repo Podcast
It has been amazing to work with Chainguard, I never would have believed that getting to a 0 CVE image would be so easy (heck, I wouldn't have believed it was even possible) before we introduced Chainguard into our workflow.
This is also the most epic Testimonial video I have ever seen, I sound at least 100% smarter than normal.
Kit Merker
@KitMerker
Did I mention that FilterBox uses @chainguard_dev images so it’s secure af (that’s a technical term)
Tuan-Anh Tran 🦄 🌈
@tuananh_org
We adopted Chainguard stack (melange/apko/images) at work and everyone has been super happy since. We wrote a tiny bit to automate image digest updates when we rebuild the base images.
Rohit Warke
Vice President at Credit Suisse
As the name suggests these images are designed for security and reduce your attack surface.
Ian Zink
@z4ce
I know @chainguard_dev images aren't magic, but hard work.. but it's the closest thing to a magic wand for CVEs I've seen
Sebastien Goasguen
@sebgoa
That one is even better 🥳 #rejekts2023 basically you are screwed unless you use @chainguard_dev 🤗
John Kjell 🦉🛡️
@realjohnkjell
Underrated benefit of Chainguard images, I can still pull them on hotel WiFi. 🥲
Mathieu Benoit
Customer Success Engineer at Humanitec | CNCF Ambassador | GDE Cloud
I recently gave the cgr.dev/chainguard/nginx container image a try, here are my learnings! Towards having more secure container images!
😍
#containersecurity #kubernetessecurity #chainguard #wolfi #nginx #alpine
Minimal Wolfi-based nginx HTTP, reverse proxy, mail proxy, and a generic TCP/UDP proxy server.
Abhay Bhargav
@abhaybhargav
Now it's time for the Container image. I default nowadays to using @chainguard images with multi-stage builds for python. these base images are not only lightweight but don't have the vulns
And I sign them with @projectsigstore cosign before pushing it to container registry
Cole Kennedy
@colek42c
I really love what @chainguard_dev is doing with Wolfi. https://github.com/chainguard-dev/wolfi-os I'll definitely be using it for anything that doesn't work on scratch.
DefenseUnicorns
@DefenseUnicorns
We've begun using more @chainguard_dev images internally. They have zero CVEs 🤯. We recently learned our air gap tool http://Zarf.dev is now available in @wolfi_os. This is one of the many reasons we love the open source community. We can all get better together!
Ofir Cohen
CTO of Container Security @ WizCTO
Of course, Chainguard is THE goto for base images, high quality software and a strong chain of custody. I can’t imagine people are still using alpine, there should be some more awareness towards image security!
Sure you’ve got scratch, ko for Go images and Google’s distroless for various other runtimes, but for truly streamlining it across polyglot repos is only possible with something like Wolfi if you want to achieve enterprise grade production, FedRamp FIPS compliance and with good SLAs.
This can only be achieved with Chainguard at least these days :-)
Nicolas M. ChaillanNicolas
Founder of Ask Sage, Bringing Generative AI to Gov | Former U.S. Air Force and Space Force Chief Software Officer (CSO) | Pilot
Another monthly vulnerability report to FedRAMP and DoD IL5 for our ATO Continuous Monitoring and another month with 0 FRICKING CVEs!
Who can top that?
I know no AI product that has 0 CVE in their entire stack.
Who even remotely competes with Ask Sage, Inc.? Nobody.
Thanks Chainguard for making this happen with us!
Shaun McDonnell
Director of Platform Engineering at Shift5
Guys. Chainguard is worth every penny.
I got to go on a date with my wife last night because I didn't have to remove CVEs from my container images.
Rob Gil
Security Architecture @ Okta | Advisor | Speaker
This is huge. Finally a vendor that provides pre STIG'd images that both supports and maintains them. The overhead that companies incur for this work is massive. Often its duplicated across product teams for the same applications and containers.
This is way beyond what Ironbank does which is typically containers based on OS images. The surface area in these images are still huge simply due to the fact that the base image was designed for hardware and VMs. They're not stripped like container images should be. That burden still fell on the engineers who use those images.
Travis Gosselin
Distinguished Software Engineer, Developer Experience
No matter how much time we spend securing our codebase, and how much time I spend demoing and encouraging teams to use tooling like GitHub Advanced Security Code Scanning, we are still plagued by the underlying CVEs and vulnerabilities in the base docker images we use that impact our attack surface area! We seem to have gotten used to "living" with the identified CVEs in those images - I know I have... "not my problem" right? Sure, until you live the potential reality that exposure may bring! Very excited to learn about Chainguard's curated set of images (thanks to Levi Geinert for the tip). This looks pretty refreshing! https://lnkd.in/gskNjizA Are you using it? Are there other alternatives?
Rob Slaughter
@RobCSlaughter
perfect timing as Zarf just added @chainguard_dev base images. Love what your doing and the value you are providing to the greater community.
Mark Manning
@antitree
Game changer? Not many reasons not to use @chainguard_dev images now.
Stu Hirst
Chief Information Security Officer (CISO) at Trustpilot / Co-founder of Cyber Scotland Connect / Speaker
"Stop shifting left. Start left". Love that. #DevSecOps
Karl Haworth
Developer Experience | Kubernetes | Cloud | Developer | DevOps
Rockin 0 CVEs in my base images due to Chainguard and now got an awesome shirt to tell the world! Sure there’s other ways to achieve this, but the effort on my end is minimal and I don’t have to worry about the sources of the packages. I’m not normally one to boast about a specific vendor, but 🤯. #kubecon2023 #supplychainsecurity #vulnerabilities #easypeasy
Reach Inbox Zero for CVEs
Offload vulnerability management with our minimal images and eliminate CVEs daily.
Wolfgang Ellsässer
@wollomatic
My life feels so much more relaxed since I started using Chainguard images :-)
Paul Drage
Engineering manager @ Viator | Technologist | Bit of a nerd
Chainguard really does look like it can transform the software supply chain for the greater good - just needs more eyes on it and commitment to adopt; I see almost no reason not to migrate services to these images; especially when there are like for like images available with what you need. Swapping a single line in your Dockerfile with a different source for your base image is all that is needed.
Zachary Karpinski
Senior Software Engineer | Open-Source Contributor | Cybersecurity | AWS Certified | DevSecOps | ITIL v4
Putting #security and minimalism first -
I migrated Luminous Onion from a vulnerable base image to Chainguard's image built with #Wolfi dropping the vulnerabilities to a manageable 0 count! All with only 2 lines of code changed. Yes, it's really that easy!
Highly recommend checking out Chainguard images for your projects.