| 2 |
Chainguard: 0-Known Vulnerability Images |
2023-07-01 |
| 1 |
An Introduction to Fulcio |
2024-08-01 |
| 79 |
Chainguard Images now available on Docker Hub |
2024-03-14 |
| 77 |
Software dark matter is the enemy of software transparency |
2022-11-13 |
| 59 |
Open Container Initiative announces upcoming changes for registries |
2023-07-13 |
| 45 |
A toolbox for a secure software supply chain |
2022-08-26 |
| 36 |
What an SBOM Can Do for You |
2022-01-16 |
| 33 |
Working as unexpected |
2024-06-03 |
| 24 |
Apko: bringing distroless nirvana to Alpine Linux |
2022-02-28 |
| 18 |
How to Make Package Signing Useful |
2022-02-07 |
| 12 |
Be all about that base image |
2022-03-29 |
| 11 |
What the Fork: Imposter Commits in GitHub Actions and CI/CD |
2023-03-08 |
| 9 |
The Principle of Minimalism |
2023-06-22 |
| 8 |
Fully bootstrapping Java from source in Wolfi |
2023-06-02 |
| 7 |
Show HN: tlogistry.dev: Transparently Immutable Tags Using Sigstore's Rekor |
2022-07-07 |
| 5 |
Wolfi – Linux (Un)distro designed for securing the software supply chain |
2022-09-22 |
| 5 |
Chainguard, Inc |
2021-10-07 |
| 4 |
Not All SBOMs Are Created Equal |
2022-04-22 |
| 4 |
How to Verify Cosigned Container Images in Amazon ECS |
2022-02-04 |
| 4 |
Busting 5 Sigstore Myths |
2021-11-19 |
| 3 |
Understanding the relationship between FOSS and the “software supply chain” |
2023-01-22 |
| 3 |
Lessons from Leaked Android Platform Signing Keys |
2022-12-05 |
| 3 |
Move Over, Dockerfiles the New Way to Craft Containers |
2023-04-30 |
| 3 |
NPM and Sigstore: Making JavaScript secure by default |
2023-04-28 |
| 3 |
Building the first memory safe distro |
2023-02-07 |
| 3 |
The Principle of Ephemerality |
2022-04-17 |
| 2 |
Chainguard Enforce is now available on AWS Marketplace |
2022-11-27 |
| 2 |
Goodbye SDLC, Hello SSDF What Is the Secure Software Development Framework? |
2022-02-24 |
| 2 |
Speranza: Enhancing software signing with privacy and usability |
2024-03-09 |
| 2 |
Chainguard Raises $61M Series B Round |
2023-11-01 |
| 2 |
Securing the Machine Learning Supply Chain |
2022-12-06 |
| 2 |
What Your Scanner Doesn't Find Can Hurt You |
2022-09-02 |
| 2 |
There's no such thing as vuln-free software, it simply doesn't exist, yet |
2022-08-22 |
| 2 |
The Dirty Secret of Cyber Security Standards |
2022-05-20 |
| 2 |
Cosign Image Signing in AWS CodePipeline |
2022-01-08 |
| 1 |
The end of GitHub PATs: You can't leak what you don't have |
2024-04-13 |
| 1 |
Kernel-Independent FIPS Images |
2024-11-17 |
| 1 |
Minimal container images: Towards a more secure future (2022) |
2024-06-13 |
| 1 |
Images as Code: The pursuit of declarative image builds |
2024-02-11 |
| 1 |
GitHub Fixes Information Leak Bug in Its Container Registry |
2023-01-23 |
| 1 |
Are SBOMs Good Enough for Government Work? |
2023-01-21 |
| 1 |
Takeaways from USA Govt Developer Guidelines for Securing Software Supply Chains |
2022-09-20 |
| 1 |
Taming Bad Python Packages: Assessing Python Malware with a Benchmark Dataset |
2022-08-23 |
| 1 |
Minimal Container Images: Towards a More Secure Future |
2022-08-23 |
| 1 |
Our Seed Round, and Chainguard Services |
2021-12-09 |
| 1 |
Zero-friction “keyless signing” with GitHub Actions |
2021-12-02 |
| 1 |
Migrating Chainguard's Serving Infrastructure to Cloud Run |
2024-12-13 |