Chainguard Blog
Featured posts
Chainguard Libraries for Java is now GA and includes CVE remediation
Chainguard Libraries for Java is now GA, delivering CVE-remediated dependencies with SBOMs, provenance, and scanner-recognized fixes.
Ross Gordon, Staff Product Marketing Manager
Building a category: Chainguard named a Leader in the inaugural Gartner® Magic Quadrant™ for Software Supply Chain Security
Gartner names Chainguard a Leader in Software Supply Chain Security, highlighting its secure-by-default approach and market vision.
Patrick Donahue, SVP, Product, and Sam Katzen, Director, Product Marketing
Latest updates
- security
SLSA vs. Software Supply Chain Attacks
John Speed Meyers, Head of Chainguard Labs
- security
Building trust in our software supply chains with SLSA
Kim Lewandowski, Chief Product Officer
- security
Avoid hidden security debt with these container maintenance best practices
Ariadne Conill, Principal Software Engineer
- security
I Read NIST 800-218 So You Don’t Have To: Here’s What To Watch Out For
Dan Lorenc, CEO
- open source
Knative is now a CNCF project, and why this matters for software security
Tracy Miranda, Head of Open Source
- news
Why Chainguard joined the Open Source Security Foundation
Roxanne Joncas
- engineering
Introducing apko: bringing distroless nirvana to Alpine Linux
Ariadne Conill, Principal Software Engineer
- security
Goodbye SDLC, Hello SSDF! What is the Secure Software Development Framework?
Tracy Miranda, Head of Open Source
- engineering
Automatic SBOMs with ko
Matt Moore, CTO
- open source
sigstore, the local way
Thomas Strömberg, Director of Security
- engineering
Keyless signing with Tekton on Amazon EKS
Priya Wadhwa, Engineering Manager
- engineering
Keyless signing with Tekton on AKS
Nghia Tran, Engineering Manager