Chainguard Blog
Featured posts
Chainguard Libraries for Java is now GA and includes CVE remediation
Chainguard Libraries for Java is now GA, delivering CVE-remediated dependencies with SBOMs, provenance, and scanner-recognized fixes.
Ross Gordon, Staff Product Marketing Manager
Building a category: Chainguard named a Leader in the inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security
Gartner names Chainguard a Leader in Software Supply Chain Security, highlighting its secure-by-default approach and market vision.
Patrick Donahue, SVP, Product, and Sam Katzen, Director, Product Marketing
Latest updates
- security
A Crash Course in Software Supply Chain Security
Zachary Newman
- engineering
Image sizes miss the point
Ariadne Conill, Principal Software Engineer
- news
A call to standardize on digital signatures for software security with Sigstore
Chainguard Team
- open source
Is Sigstore susceptible to psychic signatures? Sources say: sounds suspect
Zachary Newman, Principal Research Scientist
- engineering
Not All SBOMs Are Created Equal
Ariadne Conill, Principal Software Engineer
- news
Securing Software Repositories with the OpenSSF
Zachary Newman, Principal Research Scientist
- engineering
The principle of ephemerality
Matt Moore, CTO and Ville Aikas, Distinguished Engineer
- engineering
Intro to OCI Reference Types
Josh Dolitsky, Staff Software Engineer
- news
YOLO Levels: Insecure Your Software Supply Chain!
Dan Lorenc, CEO
- engineering
Zero security debt for container images is possible
Roxanne Joncas
- open source
4 Key Sigstore Takeaways: Recap of Twitter Space with Kelsey Hightower
Lisa Tagliaferri, Director of Developer Education
- security
How Sigstore Can Help You and Your Team Follow the NIST SSDF Recommendations
Lisa Tagliaferri, Director of Developer Education