Chainguard Blog
Featured posts
Chainguard Libraries for Java is now GA and includes CVE remediation
Chainguard Libraries for Java is now GA, delivering CVE-remediated dependencies with SBOMs, provenance, and scanner-recognized fixes.
Ross Gordon, Staff Product Marketing Manager
Building a category: Chainguard named a Leader in the inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security
Gartner names Chainguard a Leader in Software Supply Chain Security, highlighting its secure-by-default approach and market vision.
Patrick Donahue, SVP, Product, and Sam Katzen, Director, Product Marketing
Latest updates
- engineering
Minimal container images: Towards a more secure future
Adrian Mouat, Staff OSS Engineer
- research
Do the dependency trees of widely used packages grow?
John Speed Meyers, Zachary Newman, Jacobo McGuire, Marina Moore
- open source
We applaud PyPI steps to make Python more secure
Dan Lorenc, CEO
- open source
Transparently immutable tags using Sigstore's Rekor
Jason Hall, Software Engineer
- open source
Get started with Sigstore (Free Course!)
Chainguard Team
- engineering
Keyless Git commit signing with Gitsign and GitHub Actions
Billy Lynch, Staff Software Engineer
- news
Chainguard KubeCon EU 2022 Wrap Up
Chainguard Team
- security
The security costs of base image version loitering
John Speed Meyers, Ariadne Conill, Adrian Mouat
- news
Chainguard raises $50M in Series A to make software supply chain secure by default, introduces secure container base images
Chainguard, Inc.
- open source
Where Do I Sign? Step-by-step Sigstore Adoption
Jed Salazar
- security
Dealing with multiple SBOMs
Adolfo García Veytia, Staff OSS Engineer
- security
The Dirty Secret of Cybersecurity Standards
John Speed Meyers, Head of Chainguard Labs