Education on

What are Containers?

Tue, 17 Oct 2023 20:02:23 +0000

Maximizing the performance of computer hardware has been a critical undertaking for software engineers for decades. First developed in the 1960s, virtual machines (VMs) were an early answer to this challenge, allowing a single computer to host multiple, isolated operating systems. VMs enable different guest users or processes to share physical infrastructure while keeping their concurrent operations separated. However, as VMs are both slow to initialize and resource-intensive, a modern solution arrived in the early 2000s: containers.

Selecting a Base Container Image

Thu, 04 Aug 2022 15:21:01 +0200

Software teams building and deploying container-based software applications often use a “base image,” an initial set of software packages often associated with a Linux distribution. Software developers, security professionals, and infrastructure teams seeking to make an informed decision about what base image to use must consider a number of criteria when selecting a base image appropriate for their needs. Base images like those provided by Chainguard are designed to meet these security criteria while maintaining compatibility. To help these parties make a more informed decision when selecting a base image, this article describes a range of criteria:

What is software supply chain security

Thu, 04 Aug 2022 15:21:01 +0200

An earlier version of this material was published in the first chapter of the Linux Foundation Sigstore course.

Software producers have a supply chain just like manufacturing businesses have a supply chain. And just like manufacturers require physical inputs and then perform a manufacturing process to build a finished product, so do software producers, whether the producer is a company or individual. In other words, a software producer uses components, developed by third parties and themselves, and technologies to write, build, and distribute software. A compromise introduced anywhere in this chain is an example of a software supply chain security issue. Tools and practices like those implemented in Chainguard’s containers help organizations protect against these risks through built-in SBOMs, provenance attestations, and SLSA compliance.

Chainguard Glossary

Mon, 01 Aug 2022 15:21:01 +0200

General terms

Software supply chain

Like in material good supply chains, a software supply chain is composed of activities that an organization undertakes to deliver an end product or service to a consumer. Software supply chain activities involve the transformation of dependencies, packages, components, binaries, build and packaging scripts, code and other software artifacts, and infrastructure into a finished software deliverable that is deployed into production. Participants in the supply chain include actors like developers, reviewers, testers, and maintainers who are working on the product at hand, but also includes those who maintain and contribute to packages and package managers, and other software that may be incorporated into a given product. Software supply chains also include information relevant to the software, such as versioning, signatures, and hashes.

What Is a Build Horizon?

Mon, 16 Mar 2026 00:00:00 +0000

A build horizon is the maximum amount of time a build artifact — such as a compiled binary or container image — is permitted to remain in use before it must be rebuilt. Once an artifact exceeds its build horizon, it is considered stale and must be regenerated from up-to-date sources.

The practice has been adopted broadly to maintain production hygiene, reduce technical debt, and limit exposure to vulnerabilities in aging dependencies.

Chainguard Trademark Use Policy

Fri, 06 Dec 2024 15:21:01 +0200

Chainguard has a Trademark Use Policy for Chainguard™ and Wolfi™. The Trademark Use Policy for Chainguard™ is in connection with its software tools and platforms for container image registry services and related educational services. The Trademark Use Policy for Wolfi™ is in connection with software tools and related community services. This policy helps ensure that Chainguard’s trademarks remain reliable indicators of the qualities that they are meant to preserve.

The Trademark Policy details:

Learning Labs

Wed, 18 Jun 2025 21:00:00 +0000

Learning Labs are regularly run, virtual events from Chainguard that provide educational and training material about Chainguard products, software supply chain security, and related topics.

Lab Notes

The lab notes often include demo projects, a slide presentation, sample commands, links to specific sections in the video, and pointers to more resources:

Sea-curing Software With Linky

Tue, 25 Jul 2023 15:24:23 +0000

Join Linky on their mission to sea-cure the software supply chain!

CVEs

Fri, 30 Jun 2023 19:07:55 +0000

CVEs, or Common Vulnerabilities and Exposures, are entries of publicly disclosed software vulnerabilities which, if not addressed, may be used by attackers to access, manipulate, or compromise a computer system.

Secure Software Recommendations

Wed, 10 May 2023 08:49:15 +0000

Videos

Mon, 05 Sep 2022 08:49:15 +0000