Secure, Minimal, and Well-Supported — A Great Experience with Room for Transparency Improvements
What do you like best about the product?
Chainguard Images have been a transformative addition to our software supply chain strategy. The minimal, hardened, and continuously verified container images significantly reduce our attack surface while ensuring compliance and operational reliability.
One of the biggest pain points in container security is managing outdated or bloated base images filled with vulnerabilities. Chainguard solves this brilliantly with distroless, signed images that are continuously updated and come with built-in provenance and SBOMs. It’s clear they’ve thought deeply about what modern development teams need to build secure-by-default applications.
What really sets Chainguard apart, though, is their exceptional support. From day one, their team has been proactive, responsive, and genuinely invested in our success. Whether it was help with integration, optimizing our image choices, or answering security policy questions, their support engineers went above and beyond. Their documentation is also thorough and developer-friendly, which makes onboarding smooth and intuitive.
In summary: Chainguard Images bring peace of mind to any DevSecOps team, and their world-class support makes them a true partner in software supply chain security. Highly recommended for anyone building or deploying containers in a production environment
One of the biggest pain points in container security is managing outdated or bloated base images filled with vulnerabilities. Chainguard solves this brilliantly with distroless, signed images that are continuously updated and come with built-in provenance and SBOMs. It’s clear they’ve thought deeply about what modern development teams need to build secure-by-default applications.
What really sets Chainguard apart, though, is their exceptional support. From day one, their team has been proactive, responsive, and genuinely invested in our success. Whether it was help with integration, optimizing our image choices, or answering security policy questions, their support engineers went above and beyond. Their documentation is also thorough and developer-friendly, which makes onboarding smooth and intuitive.
In summary: Chainguard Images bring peace of mind to any DevSecOps team, and their world-class support makes them a true partner in software supply chain security. Highly recommended for anyone building or deploying containers in a production environment
What do you dislike about the product?
One area that could use improvement is transparency around source code and SBOM (Software Bill of Materials) access. While the images are secure and well-maintained, having easier access to corresponding source repositories and complete SBOMs—preferably in an automated or standardized format—would help us meet internal audit and compliance requirements more seamlessly.
What problems is the product solving and how is that benefiting you?
The built-in signing, provenance, and emphasis on secure defaults have given our team increased confidence in what we’re deploying. Integration was straightforward, and the developer experience has been smooth from the start.
There are no comments to display