Chainguard Blog
Featured posts
Chainguard Libraries for Java is now GA and includes CVE remediation
Chainguard Libraries for Java is now GA, delivering CVE-remediated dependencies with SBOMs, provenance, and scanner-recognized fixes.
Ross Gordon, Staff Product Marketing Manager
Building a category: Chainguard named a Leader in the inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security
Gartner names Chainguard a Leader in Software Supply Chain Security, highlighting its secure-by-default approach and market vision.
Patrick Donahue, SVP, Product, and Sam Katzen, Director, Product Marketing
Latest updates
- open source
Highlights from OpenSSF’s 2022 Annual Report
Kaylin Trychon, VP of Marketing and Communications
- product
Chainguard Image now available for Ruby 3.2
Dan Lorenc, CEO
- engineering
Building images for the secure supply chain
Adrian Mouat, Staff OSS Engineer
- research
Are SBOMs any good? Preliminary measurement of the quality of open source project SBOMs
John Speed Meyers, Principal Research Scientist
- news
Introducing Chainguard Labs: An update on an open, living software supply chain compromises dataset and new SBOM research efforts
John Speed Meyers and Zachary Newman, Principal Research Scientists
- news
Our 2023 technology trends & predictions for software security
Chainguard Team
- open source
The archiving of the Gorilla Web Toolkit: A tale of two software security risks
Dan Luhring, Staff Software Engineer and Eddie Zaneski, Staff OSS Engineer
- product
ICYMI: Our Chainsmas spaces recap
Chainguard Team
- security
Software supply chain security: Broader than SolarWinds and Log4J
Dan Lorenc, CEO
- security
Principles for secure software distribution: Lessons from leaked Android platform signing keys
Zachary Newman, Principal Research Scientist
- research
Securing the machine learning supply chain
Zachary Newman, Principal Research Scientist
- engineering
Reflections on trusting VEX (or when humans can improve SBOMs)
Adolfo García Veytia, Staff OSS Engineer