Chainguard Starter Images Now Available in Iron Bank: Minimal, Secure, and Reliable

Cybersecurity: A Mission-Critical Priority

Cybersecurity is more than just a compliance requirement—it’s essential to the mission of most organizations building software. Secure software supply chains and hardened container images ensure that teams can move fast without sacrificing security. For teams that rely on the Department of Defense’s hardened container repository, Iron Bank, there’s a new path to using Chainguard Images.

We know that dealing with Vulnerability Assessment Tracker (VAT) ticket findings can be a tedious and time-consuming process. The good news? With Chainguard Starter Images, this drudgery is significantly reduced. Our images are built to minimize vulnerabilities from the start, meaning fewer findings, faster remediation, and a streamlined path to Authorization to Operate (ATO). Since we proactively address VAT issues, you can leverage our body of evidence for an expedited approval process.

The Chainguard Difference: Security from the Source

At Chainguard, there’s no magic behind what we do—just hard work done well, every single day. We build all of our software from source code, including all dependencies. This approach allows us to implement industry-leading software supply chain security measures that protect your applications without adding unnecessary complexity.

Our secure-by-default images include:

• Minimalist design: Many of our images omit a shell or root access, drastically reducing the attack surface.

• Hardened compiler settings: We optimize for memory safety without breaking compatibility, in alignment with Executive Order (EO) directives.

• Build-time Software Bill of Materials (SBOMs): Every image comes with a detailed record of its components, ensuring full transparency, generated when it is built.

• Signed and attested images: Every Chainguard image is cryptographically signed, so you can trust its integrity and origin.

This level of security allows teams to focus on development without worrying about hidden vulnerabilities creeping into their environments.

Enhanced Productivity with Paid Features

While our Starter Images are free to start building with, organizations with higher security and compliance requirements can take advantage of premium features on over 1,200 different applications, including:

• FIPS-compliant images for environments that require federal-grade encryption and security.

• A best-in-class CVE Remediation SLA (7 days for critical, 14 days for the rest), ensuring that vulnerabilities are addressed within a guaranteed timeframe.

• Access to all upstream supported software versions (e.g., Python 3.9-3.13) for organizations that need consistency across deployments while maintaining security.

To access these, please contact us.

Accessing Chainguard Images over Iron Bank

To make the magic happen, our images follow a slightly different naming convention. Assuming you already have access to Iron Bank at IL2, you can pull any one of our developer images using the following format, where IMAGE-NAME is one of our over 40 free images:

registry1.dso.mil/chainguard/cgr.dev/chainguard/IMAGE-NAME:latest registry1.dso.mil/chainguard/cgr.dev/chainguard/IMAGE-NAME:latest-dev

Our Starter Images include popular languages like Python, Go, and Node. We also have utilities like busybox, postgres and mariadb, and pytorch for AI training.

Get Started Today

Chainguard Starter Images are built to help teams move faster, reduce costly engineering toil, stay secure, and streamline compliance. There are over 1,200 different applications and languages to choose from in our Images Directory. The latest versions of our most popular starter images are free to start building with today. And now, they’re available in Iron Bank too! Whether you’re working toward zero trust architecture, continuous ATO, or simply need a safe source for open-source software, our images are ready to support your mission.

Reach out today to learn more about Chainguard Starter Images.