Chainguard

Chainguard’s mission is to be the safe source for open source software. The company aims to make the software supply chain secure by default, allowing developers to build applications with confidence in a secure, vulnerability-free foundation. Chainguard’s goal is to provide developers with tools and pre-built container images that are minimal, hardened, and free of known vulnerabilities, thereby reducing the attack surface and mitigating security risks. This focus on “secure by default” is intended to shift the developer experience, making security an integrated and effortless part of the development lifecycle.

Chainguard has established a strong market reputation for its expertise in software supply chain security. The company is recognized for providing high-quality, minimal container images that significantly reduce vulnerabilities, which is a critical concern for organizations. Customers and industry observers often praise Chainguard for its proactive approach to security, its developer-friendly tools, and its commitment to open source. The company’s solutions are seen as essential for organizations in highly regulated industries and for any entity that relies on containerized applications.

Offerings, Capabilities, and Integrations

Chainguard is a cybersecurity company that provides solutions for securing the software supply chain. Its core offerings revolve around providing developers with secure, minimal, and vulnerability-free container images, libraries, and virtual machine (VM) images. This “secure by default” approach allows developers to build and deploy applications on a trusted foundation, reducing the time and effort spent on identifying and fixing vulnerabilities. Chainguard’s competitive edge lies in its focus on creating and maintaining an extensive catalog of hardened container images, which it considers a first-mover advantage. The company builds its images from source in secure environments, ensuring end-to-end integrity. This process results in a significant reduction in common vulnerabilities and exposures (CVEs) and a smaller attack surface. Chainguard integrates with various platforms and tools, including Datadog, Cloudsmith, and major cloud providers like Amazon Web Services (AWS), to streamline the adoption of its secure images within existing developer workflows.

Products and Services

Chainguard’s product portfolio is designed to secure different layers of the software stack. Its offerings include:

  • Chainguard Images: This is the company’s flagship product. It is a collection of minimal, hardened container images with low-to-zero known CVEs. These images are rebuilt daily to include the latest security patches. Chainguard offers both a free “Developer” tier and a paid “Production” tier with additional features and support for enterprise customers.
  • Chainguard Libraries: This service provides a catalog of secure, malware-resistant language libraries, starting with the Java ecosystem, to protect against supply chain attacks.
  • Chainguard VMs: These are minimal, zero-CVE virtual machine images designed to serve as secure container hosts in cloud environments.
  • Chainguard Enforce: This was the company’s first product and is a tool for securing the software supply chain by verifying the origins and contents of containers. It uses digital signatures to ensure that only trusted images are deployed in a Kubernetes environment.
  • Wolfi: A Linux distribution created by Chainguard specifically for the cloud-native era, designed to be minimal and secure.
  • Chainguard OS: An immutable Linux distribution built for security, it forms the foundation for Chainguard’s container images and VMs.

Target Customers

Chainguard’s target customers range from individual developers and open-source projects to large enterprise organizations across various industries, including banking, fintech, government, and technology. The company’s solutions are particularly beneficial for organizations with large DevOps teams that prioritize security and compliance, especially those working with open-source code and in cloud-native environments. Customers include notable companies like Hewlett Packard Enterprise, Snowflake, GitLab, and Wiz. These customers benefit from a reduced attack surface, fewer vulnerabilities to manage, and streamlined compliance with standards like FedRAMP and SOC2. By using Chainguard’s products, developers can focus more on building software and less on patching vulnerabilities, leading to increased productivity and faster time to market.

Cloud Integrations and Marketplaces

Chainguard has a presence on the AWS Marketplace, Microsoft Azure Marketplace, and Google Cloud Marketplace, offering its Chainguard Images product. In addition to these marketplaces, Chainguard provides several other cloud-related integrations.

  • AWS Marketplace

    Chainguard Images are available on the AWS Marketplace, allowing organizations to purchase and deploy them within their AWS environments. This lets organizations apply existing AWS spending and credit commitments to Chainguard Images. The product is a collection of minimal, hardened container images designed to reduce vulnerabilities. The images are rebuilt daily with the latest security patches, offering low-to-zero known CVEs, verifiable image signatures, and software bills of materials (SBOMs).

  • Microsoft Azure Marketplace

    Chainguard Images can be procured through the Microsoft Azure Marketplace. The images available on Azure are also minimal, hardened container images that aim to decrease the attack surface by only including necessary components. These images are updated daily to address new security fixes and CVEs.

  • Google Cloud Marketplace

    Chainguard is listed on the Google Cloud Marketplace. Chainguard was founded by former Google Cloud engineers and utilizes Google Cloud’s infrastructure to build its products. The company uses Google Cloud Run and Google Kubernetes Engine to manage its infrastructure and ensure secure application deployment.

  • Other Integrations

    Chainguard offers a certified Terraform provider to manage Chainguard Images accounts, users, and permissions, which provides enterprises with greater organizational control. Chainguard also integrates with Datadog, providing a dashboard that shows containers eligible for migration to Chainguard’s more secure images. Additionally, Chainguard Images can be integrated with Cloudsmith, which allows for the upstream proxying and caching of images. Chainguard has also announced support for Cilium and Istio, providing Chainguard Images bundles for these technologies.

Key People

  • CEO & Co-Founder: Dan Lorenc
  • CTO & Co-Founder: Matt Moore
  • CPO & Co-Founder: Kim Lewandowski
  • Distinguished Engineer & Co-Founder: Ville Aikas
  • President GTM: Ryan Carlson
  • SVP of Marketing: Liz Egan
  • VP of Engineering: Dustin Kirkland
  • General Counsel: Lindsey Krieger
  • VP of Customer Success: Akin Desai
  • VP of Sales: Chris Holmblad

Key Facts

  • Headquarters Location: Kirkland, Washington.
  • Number of Employees: Approximately 350-550.
  • Annual Revenue: $40 million.
  • Parent Company: None.
  • Subsidiary Companies: None.
  • Publicly Listed: No.

Analyst Recognition

Chainguard has been recognized by the following analyst groups:

  • Gartner: Chainguard was named a 2023 Gartner Cool Vendor in Platform Engineering for Scaling Application Security Practices.
  • IDC: Chainguard was recognized as an IDC Innovator in the 2023 “IDC Innovators: Open Source Software Supply Chain Security” report.

There is no indication in the available research that Chainguard has been formally recognized by Forrester or Everest Group.
