Chainguard ⛓️

Chainguard Containers now supports 1st Party RPM compatibility for RHEL 9 and RHEL 10, and we're joining FINOS 🎉 Here's what it means for financial services: bit.ly/4nmQA0Z

Let us be your extra hands. You got this. ✋ 🤚 🫱 🫲

Build with trusted open source, you must. May the 4th be with you ✨🛸

your CISO sitting next to your devs letting the AI agents loose without Chainguard

Only ~4% of CVEs (KEVs) are ever exploited in the wild. So at Chainguard, we're committing to the industry's first KEV SLA. Any CVE added to the CISA KEV Catalog affecting a Chainguard image, fixed within one calendar day. bit.ly/4umvd1N

@scholzj Thanks for letting us know! You can submit the issue here, and our team is on it: github.com/chainguard-ima…

Hey @chainguard_dev ... how can I report or fix issues in your container catalog, such as an incorrect alternative image in the security comparison in images.chainguard.dev/directory/imag… and images.chainguard.dev/directory/imag…? Our container images are for 5+ years hosted on Quay.io.

🟩 Chainguard artifacts are safe from the latest npm supply chain attack 🟩 A coordinated npm supply chain attack is targeting SAP ecosystem packages with 2.25M collective monthly downloads. Read more: bit.ly/4n04aH7

Honey, I’m home 🥹 We opened an office in New York City! We've been remote-first since day one and that's not changing. But we've learned over the years that being in the same room matters, so now we have a place to do that. @NYBizJournal shares more: bit.ly/4uD8U8z

The thing that slows down engineering teams most often isn't engineers. @mariamchec, TPM at @OutSystems, has spent her career proving that point. In our third Built Different video, Maria answers rapid-fire questions on leadership, systems, and what she's most proud of. 🎬

Malicious .pth file in elementary-data-0.23.3 landed on PyPI. The Chainguard Factory detected the malicious code and ensured it never reached our customers. ✅ Full analysis: chainguard.dev/unchained/chai…

Couldn't make it to #GoogleCloudNext? We're bringing the fun to you. 🔍 Introducing Malwhere: a word search game where every hidden term is a real threat from the past year. Start searching + share your results: chainguard.dev/malwhere

Our AI-native agent, the Guardener, is an engineer's new BFF 🤗 ✔️ Intelligent context-aware conversion ✔️Builds and tests layer by layer ✔️Deeper context, deeper telemetry via multiple deployment options And now you can see it in action: youtube.com/watch?v=xSQ4w3…

Chainguard customers are safe from the latest wave of supply chain attacks that began last night across npm + PyPI. We did not serve any of the malicious library versions, and our container images are clean. Read our full analysis: bit.ly/4mKNljj

30% of HireVue's cloud engineering team was dedicated to patching. After Chainguard: that team modernized their entire platform, hit FedRAMP in 9 months, and shipped *5* new products in a year. Security overhead is a product velocity problem. chainguard.dev/customers/hire…

Chainguard 🤝 @cursor_ai Our new partnership is making trusted OSS the foundation for AI-driven development. Now, devs using Cursor can pull from our CVE-free containers and malware-resistant libraries instead of public registries. See it in action 👇 chainguard.dev/unchained/chai…

We’re excited to announce our first-ever Reddit AMA, with our CTO & Co-Founder, @mattomata, on building & securing the software supply chain in the age of AI. Feel free to ask your toughest questions…we’re here for it! 📆 Tuesday, April 21 @ 12pm ET reddit.com/r/cybersecurit…

Your riskiest supplier isn't a vendor. It's a registry. via @chainguard_dev chainguard.dev/unchained/your…

Find a stamp at booth #7409 next week to win a tee 👕and be entered into a raffle for a $1,000 flight voucher for your next stress-free, malware-free vacation 🏖️ More details: get.chainguard.dev/gcn26

If you’re attending #GoogleCloudNext and want to get your hands on our exclusive MalWEAR swag, all you need to do is solve this riddle 🕵️‍♂️ Look where knowledge lives, Search where malware doesn’t dare. Scan through pages and you'll find… A “NOT HERE” stamp waiting there.

It’s National Librarian Day! 📚 Before "open source" was a thing, librarians were already managing access controls, versioning, and information integrity, for everyone, for free. We see you, we appreciate you, and today, we celebrate you! 🫶