New updates have been reported about Chainguard.
Claim 55% Off TipRanks
- Unlock hedge fund-level data and powerful investing tools for smarter, sharper decisions
- Discover top-performing stock ideas and upgrade to a portfolio of market leaders with Smart Investor Picks
Chainguard has introduced Chainguard Commercial Builds, extending its secure-by-default container model from open source into commercial software so vendors can ship images with zero known CVEs, full provenance, and defined security outcomes. By centralizing both open source and proprietary components into one hardened delivery pipeline, Chainguard aims to reduce security toil for software vendors while giving enterprises standardized, compliant containers across heterogeneous environments.
Under the program, ISVs such as Azul, Chainloop, Elastic, Expanso, F5 NGINX, GitLab, Grafana Labs, Mattermost, Nirmata, Percona, Smallstep, and Tiger Data will provide source code or binaries directly to Chainguard, which then uses its AI-native Chainguard Factory to build minimal, verifiable, FIPS-ready images governed by CVE SLAs. Partners can gain faster release cycles, access to regulated and security-sensitive markets, and potential new revenue via revenue-sharing, while end customers receive hardened, production-ready containers plus application-level support from the originating vendors.
Chainguard is positioning Commercial Builds as a remedy to the current model where customers receive general-purpose base images such as Debian or Ubuntu and must internally harden, patch, and validate them to satisfy regulatory and internal standards. This shift addresses friction, deployment delays, and inconsistent risk postures arising from fragmented container security practices, particularly as enterprises scale AI-driven application development and operate across varied Linux distributions and internal golden images.
Executives at participating partners describe the initiative as a way to offload container hardening to Chainguard while preserving their focus on core product capabilities, spanning Java runtimes, observability, secure collaboration, policy-as-code governance, database infrastructure, certificate automation, and time-series analytics. For Chainguard, the program deepens its role in the software supply chain beyond open source, reinforcing its positioning as a foundational security provider for Fortune 500 and high-compliance customers and creating a scalable platform for recurring, higher-value enterprise relationships and incremental partner-linked revenue streams.