Learn extra at:
Chainguard
Chainguard, based by former Google engineers with deep expertise in Linux distributions and provide chain safety, is a supplier of hardened, repeatedly up to date, “zero-CVE” open-source software program packages, from base working system photographs to minimal container photographs, language libraries, and digital machine home equipment. The corporate focuses on devsecops groups, with options designed to offer each builders and safety architects a extra reliable basis for constructing and working software program.
The flagship providing is a rolling Linux distribution backed by safety SLAs: seven days for important vulnerabilities and 14 for others, although the typical repair time is underneath 48 hours, in response to the corporate. Chainguard says it maintains a rising catalog of greater than 1,600 container photographs, increasing by about 100 per thirty days, every constructed immediately from upstream supply fairly than derived from one other distribution. This “farm-to-table” method ensures your entire device chain, together with compilers, runtimes, and dependencies, is rebuilt, retested, and re-released inside hours of an upstream replace.
Chainguard Libraries are safe builds of extensively used Java and Python packages, with Node.js libraries subsequent on the roadmap. Chainguard says that constructing libraries from supply addresses a typical hole, the place builders fetch third-party code immediately from the web with out the protections of a packaged distribution. A 3rd product line, Chainguard Digital Machines, applies the identical minimal, hardened philosophy to purpose-built VM home equipment, typically used as Kubernetes employee nodes or in scale-out cloud deployments. In lots of circumstances, container photographs from the Chainguard catalog may be rendered as bootable VM home equipment for workloads that require full OS-level entry to {hardware} sources.