Securing OSS Is Not Optional
We are a team of founders, maintainers, and contributors to the ecosystem's largest projects.
Sigstore
Sigstore is the new standard for signing, verifying and protecting open source software.
Kubernetes
The most widely used open source system to deploy, scale, and manage containerized applications.
Wolfi
The first community (un)distro built with default security measures for the software supply chain.
202Collective years of experience in open source
100+Projects actively maintained by Chainguardians
250+Hours a week spent contributing to OSS
18Chainguardians who hold leadership positions in OSS
Community Leadership
We contribute, maintain, and help lead some of the most widely relied upon open source software projects.
Kim Lewandowski
Chainguard CPO & Co-Founder
Dan Lorenc
Chainguard CEO & Co-Founder
Priya Wadhwa
Sigstore Technical Steering Committee
Josh Dolitsky
OCI Technical Oversight Board
Carlos Panato
Kubernetes Steering Committee
Contribute. Maintain. Secure.
Our roots are in open source.
Wolfi
Community (un)distro for supply chain.
Kubernetes
Container orchestration system.
Sigstore
Sign, verify, and protect software.
SLSA
Software supply chain framework.
Wolfi
Community (un)distro for supply chain.
Kubernetes
Container orchestration system.
Sigstore
Sign, verify, and protect software.
SLSA
Software supply chain framework.
Tekton
Standardized CI/CD tooling.
OCI
Standards for container formats.
OpenVex
Specification and reference toolchain.
Knative
Serverless containers in Kubernetes.
Tekton
Standardized CI/CD tooling.
OCI
Standards for container formats.
OpenVex
Specification and reference toolchain.
Knative
Serverless containers in Kubernetes.
Open Source Projects Using Chainguard Images
Timoni
Timoni is a package manager for Kubernetes, powered by CUE and inspired by Helm. The Timoni project strives to improve the UX of authoring Kubernetes configs. Instead of mingling Go templates with YAML like Helm, or layering YAML on top of each-other like Kustomize, Timoni relies on cuelang's type safety, code generation and data validation features to offer a better experience of creating, packaging and delivering apps to Kubernetes.
Infracost
Infracost shows cloud cost estimates and FinOps best practices for Terraform. It lets engineers see a cost breakdown and understand costs before making changes, either in the terminal, VS Code or pull requests.
ko
ko is a simple, fast container image builder for Go applications. It's ideal for use cases where your image contains a single Go application without any/many dependencies on the OS base image (e.g., no cgo, no OS package dependencies).
Kubepug
A Kubectl plugin that verifies the current Kubernetes cluster or input files, checking whether objects exist in deprecated API Versions.
Tekton
Tekton is a powerful and flexible open-source framework for creating CI/CD systems, allowing developers to build, test, and deploy across cloud providers and on-premise systems.
Ockam
Ockam empowers developers to build secure-by-design apps that can trust data-in-motion.