Chainguard Blog
Featured posts
Chainguard Libraries for Java is now GA and includes CVE remediation
Chainguard Libraries for Java is now GA, delivering CVE-remediated dependencies with SBOMs, provenance, and scanner-recognized fixes.
Ross Gordon, Staff Product Marketing Manager
Building a category: Chainguard named a Leader in the inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security
Gartner names Chainguard a Leader in Software Supply Chain Security, highlighting its secure-by-default approach and market vision.
Patrick Donahue, SVP, Product, and Sam Katzen, Director, Product Marketing
Latest updates
- engineering
Conquering your Build Horizon
Matt Moore, CTO & Co-Founder
- security
Why Chainguard uses Grype as its first line of defense for CVEs
Dan Luhring, Staff Software Engineer
- security
Understanding attacker techniques in distroless containers
Adrian Mouat, Staff DevRel Engineer
- product
The haunting of CVE-2023-2454: A developer's nightmare
John Speed Meyers, Principal Research Scientist
- open source
Small octopus and a big idea: The story of how a one-year old Linux un-distro is improving the cloud’s software supply chain
Team Wolfi
- product
Chainguard’s response to CVE-2023-4527 in glibc
Dan Luhring, Staff Software Engineer
- news
A growing ecosystem of vulnerability scanners that now support Chainguard Images and Wolfi
Kim Lewandowski, Chief Product Officer
- open source
How to use Dockerfiles with wolfi-base images
Adrian Mouat, Staff DevRel Engineer
- product
An update on Chainguard Images FIPS Validation
Adam Dawson, Product Manager, Chainguard Images
- open source
Working with government and industry to put open source security tooling into practice
John Speed Meyers, Principal Research Scientist and Adolfo García Veytia, Staff Software Engineer
- research
Stemming the tide of false positive vulnerabilities
Trevor Dunlap, NCSU and Chainguard Intern, Zack Newman, Principal Research Scientist
- product
Announcing a Chainguard Image for OpenTF
Dan Lorenc, CEO