Chainguard Scales to 500 Million Container Build Manifests as Catalog Adoption Accelerates

New updates have been reported about Chainguard.

Chainguard has crossed 500 million unique container build manifests produced by its automated software factory, underscoring the company’s scale in secure open source delivery and its role in enterprise software supply chain security. The Chainguard Factory—recently upgraded to a second-generation system powered by DriftlessAF, a resilient, AI-assisted reconciliation engine—continuously rebuilds open source components from source code, generating millions of builds each month in response to dependency changes, tooling updates, and disclosed vulnerabilities. Chainguard now supports more than 2,000 projects in its container catalog, over 340,000 image versions across x86_64 and aarch64, and around 27,000 unique Chainguard OS packages, giving customers broad coverage for modern application stacks with minimal or zero-CVE images and extensive customization options. CEO and co-founder Dan Lorenc positioned this capability as a way for engineering teams to avoid tradeoffs between speed and trust, as Chainguard assumes the ongoing maintenance burden of keeping open source components continuously rebuilt and verifiably secure.

Commercial traction is growing alongside this technical scale, with nearly 400 organizations—ranging from Fortune 500s to high-growth startups—now using Chainguard Containers, and new adopters in the last quarter including Black Duck, Nelnet, Rocket Lab, and SolarWinds. Since introducing catalog-based pricing in June 2025, the company has expanded its catalog by roughly 50% with more than 600 additional projects, while customers on the catalog option now use an average of 38 container images, double the consumption of per-image buyers, indicating stronger revenue leverage and deeper integration once customers commit to the full catalog. Chainguard is also enhancing product usability and lifecycle assurance with improved Helm Chart experiences in its console—offering richer metadata, version visibility, and image mapping—and a more predictable end-of-life policy that provides up to six months of security updates even for projects that upstream vendors drop immediately on new release. These moves position Chainguard as a central infrastructure provider for secure, production-grade open source, with expanding recurring value for enterprises seeking to standardize on a trusted container image catalog.