Chainguard ⛓️ @chainguard_dev Twitter profile

Last Seen Profiles

@palm202099

@mark_body41668

@bokeplokalmalam

@Scomb

@brycesvacuum

@Acz9K

@Beatrice__L18

@amaal90u

@xaiki

@LadyVic41

@Iilmishy

@SmallBrosNFT

@Zugan

@peaches

@H2G_1

@TARS_lab

@alhan

@theater_donut

@MastersonEli

@linney

@bokeplokalmalam

@smart_MS3

@z_4rr

@webofstars1

@MARI_ANAKINLUKE

@irenl

@cdbil

@SteveDavies43

@hzood

@VoragineCo

@WHOistravey

@BryceSalek

@sowaveyyy_

@RobertP36878696

@Bradyoung02

@soso_hmodh

Chainguard ⛓️

@chainguard_dev

2 years

Becoming an open source maintainer 🏊‍♂️

15

55

302

Chainguard ⛓️

@chainguard_dev

3 years

We are thrilled to announce our new company: Chainguard, Inc. We are just getting started, but if you are interested in improving your software supply chain security, we would love to hear from you!

48

45

292

Chainguard ⛓️

@chainguard_dev

2 years

THE WAIT IS OVER⚡️ Introducing... 🐙 Wolfi, the 1st #Linux (un)distro designed w default security measures 🎓 Chainguard Academy, the 1st interactive edu platform dedicated to software security 🪄 Enforce GA

60

102

287

Chainguard ⛓️

@chainguard_dev

1 year

Happy Tuesday! 🤠

8

20

145

Chainguard ⛓️

@chainguard_dev

1 year

✨✨

0

24

141

Chainguard ⛓️

@chainguard_dev

10 months

🚀 Announcing our $61 million Series B Round🚀 🔮The future is clear: if you adopt open source software you are responsible for securing it. 🔐Our mission is to be *the safe source for open source* to build right, safe & fast. 💜TY for all the support!💜

20

21

138

Chainguard ⛓️

@chainguard_dev

2 years

Everyone racing to turn on 2FA. 🏎

5

13

127

Chainguard ⛓️

@chainguard_dev

2 years

🎃👻

5

16

121

Chainguard ⛓️

@chainguard_dev

2 years

Things you can install into Kubernetes 🫡

9

23

110

Chainguard ⛓️

@chainguard_dev

2 years

Today we are releasing a brand new whitepaper that changes how we think about container security debt. 📃✨Announcing: "All About That Base Image" whitepaper ✨📃 Written by John Speed Meyers & Zack Newman Read it

Zero security debt for container images is possible

Achieve zero security debt for container images with Chainguard's "quiet" base images, featuring minimal vulnerabilities and built-in security features.

www.chainguard.dev

5

35

108

Chainguard ⛓️

@chainguard_dev

1 month

☀️ ‘Tis the sea-son! 🌊 We’re excited to announce our Series Sea (C) round led by @Redpoint , @lightspeedvp , and @IVP . Are you squidding me?! 🤯🐙 We’ve achieved so much in our 2.5+ year journey so far: 🤝 Customers: Partnered with the world’s leading enterprise, security, and

16

22

106

Chainguard ⛓️

@chainguard_dev

2 years

⚡ Introducing Chainguard Enforce: Secure your software supply chains without sacrificing productivity ✅ Protect your org from supply chain threats ✅ Keep up with changing security regulations ✅ Prioritize a seamless developer experience Learn more ➡️

Unchained: Our Blog

Read the latest software supply chain & open source security updates, from our opinions on security technologies to research & remedies for the biggest threats.

www.chainguard.dev

1

25

96

Chainguard ⛓️

@chainguard_dev

2 years

Ruin a security engineer's day in 3⃣ words:

134

8

95

Chainguard ⛓️

@chainguard_dev

2 years

Summarize Kubernetes in 3 words or less🍿

197

9

82

Chainguard ⛓️

@chainguard_dev

2 years

Let’s spread some love in the open source community & tag a maintainer you appreciate! ❤️🥰

25

8

77

Chainguard ⛓️

@chainguard_dev

2 years

devs trying to run away from dependabot 🐼🐾

5

16

77

Chainguard ⛓️

@chainguard_dev

2 years

⚡ Introducing Chainguard Images: The first container base images designed for a secure software supply chain! ✅ Painless Vulnerability Management ✅ SBOM included ✅ Easy Compliance (FIPS, SLSA) ✅ Built on Open Source and Standards Learn more ⬇️

1

24

74

Chainguard ⛓️

@chainguard_dev

1 year

🏊

2

15

73

Chainguard ⛓️

@chainguard_dev

2 years

We're excited to announce our $50M Series-A funding round led by @sequoia . Thanks to all our amazing investors for supporting our mission to make the software supply chain secure by default.

2

11

73

Chainguard ⛓️

@chainguard_dev

2 years

⚡️Defend your software supply chains with #CHAINGOURD ! 🎃 📍SU48 @ #KubeCon 1️⃣Draw/ create a #Chaingourd 2️⃣Tag us to enter the Chaingourd Challenge! 3️⃣Winner gets a $50 gift card & 🐙swag pack! 🥳 *No Chainguardians were harmed in the making of this tweet. ☮️

11

14

66

Chainguard ⛓️

@chainguard_dev

2 years

Avoiding software supply chain attacks 🗡

4

12

68

Chainguard ⛓️

@chainguard_dev

2 years

SLSA and software supply chain security? Nah, thanks #yololevel ✌️

5

21

68

Chainguard ⛓️

@chainguard_dev

2 years

Nobody: Literally no one: Not a single soul on earth: Security engineers: ccccccrtvcvigkgdrutfkiuhrvufnufknkbcnbfrufdfYZ0z95a7JS2lLwccccccrtvcvigkgdrutfkiuhrvufnufknkbcnbfrufdf 🔐😎

6

9

66

Chainguard ⛓️

@chainguard_dev

3 years

We're stoked to announce that we're now official members of the @OCI_ORG ! We're looking forward to working with the rest of the community to help evolve these important container standards to make supply chain security easy for everyone!

0

6

61

Chainguard ⛓️

@chainguard_dev

11 months

🫡

3

17

59

Chainguard ⛓️

@chainguard_dev

2 years

🤪

6

9

59

Chainguard ⛓️

@chainguard_dev

2 years

Employ full-time Kubernetes contributors 💯

0

17

58

Chainguard ⛓️

@chainguard_dev

2 years

WTF is…a distroless container? 📦

1

14

58

Chainguard ⛓️

@chainguard_dev

11 months

True or false? 🤔

4

5

57

Chainguard ⛓️

@chainguard_dev

2 years

TL;DR: Everything that can be ephemeral, should be ephemeral. Read this new essay from @mattomata & @AikasVille 👇

The principle of ephemerality

Embrace ephemerality for enhanced software security: Minimize attack surfaces by ensuring temporary access and resources.

www.chainguard.dev

2

21

56

Chainguard ⛓️

@chainguard_dev

2 years

SBOMs are key building blocks of software security, but does it really matter how they are generated? In this new post @ariadneconill pulls back the curtain on SBOM generation.

Not All SBOMs Are Created Equal

Not all SBOMs are created equal: understand the differences and choose the right one for your software supply chain security.

www.chainguard.dev

4

17

54

Chainguard ⛓️

@chainguard_dev

11 months

It’s no coincidence we started on the 1st day of Cybersecurity Awareness Month😎 14M+ images pulled 97.6% reduction in CVEs 4,400+ PRs merged @wolfi_os & more!! Grateful for all who helped us get here in the past 2 years. The future is bright & we are just getting started! 🚀

2

12

53

Chainguard ⛓️

@chainguard_dev

2 years

💪💪

1

6

51

Chainguard ⛓️

@chainguard_dev

1 year

Happy International Women’s Day! 💜🐙✨ #IWD2023

4

2

51

Chainguard ⛓️

@chainguard_dev

2 years

Spirit reached out to us for a collab since apparently this is in high demand 🪄

10

8

50

Chainguard ⛓️

@chainguard_dev

2 years

Ask our founders (except @lorenc_dan ) anything at #CNSCon Booth S12 happening now!!! 💜💜💜

2

5

50

Chainguard ⛓️

@chainguard_dev

6 months

Chainguard Developer Images are now available on Docker Hub! 🐳+🐙=🔐⛓ We're thrilled to announce that Chainguard has now become a Docker Verified Publisher! Learn about our partnership, and our mission to continue to be the safe source for open source:

1

11

49

Chainguard ⛓️

@chainguard_dev

2 years

“Treat build systems like production systems.”🤌 - @lorenc_dan

2

10

49

Chainguard ⛓️

@chainguard_dev

2 years

Happy Tuesday 🌞

3

8

48

Chainguard ⛓️

@chainguard_dev

2 years

🎉 New FREE Course from @LF_Training Securing Your Software Supply Chain with @projectsigstore Written by our guardians @lisaironcutter and John Speed Meyers Read all about it 👇

0

18

46

Chainguard ⛓️

@chainguard_dev

2 years

👀🐙😍

7

45

Chainguard ⛓️

@chainguard_dev

2 years

🚀Introducing Chainguard Enforce Signing, powered by @projectsigstore : generate digital signatures for software artifacts inside your own org! +🆕 in Enforce: 📒Security Policy Catalog 🛠️Enterprise Tooling Integrations 📚Enhanced Policy Mgmt ++more:

Unchained: Our Blog

Read the latest software supply chain & open source security updates, from our opinions on security technologies to research & remedies for the biggest threats.

www.chainguard.dev

6

27

44

Chainguard ⛓️

@chainguard_dev

2 years

We wrote a base image guide for you so you won't make regrettable mistakes. Read the whitepaper (PDF) 👇

0

10

42

Chainguard ⛓️

@chainguard_dev

2 years

WTF (really) happened with the GitHub typo squatting attack last week?! A recap by @lorenc_dan ⌨️🏋️

1

17

44

Chainguard ⛓️

@chainguard_dev

2 years

We are thrilled to have carried out the first dedicated Supply Chain Security Assessment of CRI-O using the #SLSA framework. This was part of a security audit in collaboration with @OSTIFofficial @CloudNativeFdn & others. Check out the report below.

OSTIF Official

@OSTIFofficial

2 years

Our audit of cri-o with @CloudNativeFdn @ADALogics @chainguard_dev is complete! We had some great security findings including high severity memory exhaustion bugs that led to CVEs for cri-o and containerd. You can view the full report here:

2

15

26

0

13

44

Chainguard ⛓️

@chainguard_dev

2 years

😳

2

6

44

Chainguard ⛓️

@chainguard_dev

2 years

Don’t forget to check your kid’s halloween candy! Last year, we found a log4shell in a Reese's cup. 😱

2

13

42

Chainguard ⛓️

@chainguard_dev

2 years

Summarize your coding style in 3 words 🤌

115

8

42

Chainguard ⛓️

@chainguard_dev

2 years

Caption this:

7

6

42

Chainguard ⛓️

@chainguard_dev

1 month

Oh hey, this looks familiar! 💜 Thank you, @NasdaqExchange ! 🥳

0

3

42

Chainguard ⛓️

@chainguard_dev

2 years

Don’t know where to start to learn more about supply chain security? Good news! We created a Software Supply Chain Reading List Get it 📚

1

17

41

Chainguard ⛓️

@chainguard_dev

3 years

Still curious about @github 's new support for keyless authentication? Read our post here on how to set up cryptographically-verifiable container builds using @projectsigstore cosign!

0

12

39

Chainguard ⛓️

@chainguard_dev

2 years

Appreciate your open source maintainers ❤️❤️❤️

1

7

41

Chainguard ⛓️

@chainguard_dev

2 years

Caption this 👹

14

2

38

Chainguard ⛓️

@chainguard_dev

2 years

Name a dev tool you *simply* can't live without:

44

3

40

Chainguard ⛓️

@chainguard_dev

2 years

🚀Our first ever spaces 🚀 Have questions on software supply chain security? Comment below!! 🤗

12

37

Chainguard ⛓️

@chainguard_dev

2 years

What can you say in a code review that you can also say at the dinner table? 🍟

72

4

38

Chainguard ⛓️

@chainguard_dev

11 months

When CISOs ask us how to deal with vulnerabilities 👏

3

9

40

Chainguard ⛓️

@chainguard_dev

1 year

Can we fix them? ⚒️👷😮‍💨

2

8

39

Chainguard ⛓️

@chainguard_dev

2 years

Things are only impossible until they're not. 🧑‍🎤👨‍🎤👩‍🎤

0

10

39

Chainguard ⛓️

@chainguard_dev

2 years

🤡

1

4

38

Chainguard ⛓️

@chainguard_dev

3 years

Learn what SBOMs can do for you from @puerco 👇

0

18

36

Chainguard ⛓️

@chainguard_dev

2 years

We ❤️ @KnativeProject and couldn’t be more excited about it being accepted as a @CloudNativeFdn project! Here’s why ⬇️

Knative is now a CNCF project, and why this matters for software security

Knative joins CNCF, boosting software security through open governance, wider adoption, and community-driven improvements.

www.chainguard.dev

0

8

36

Chainguard ⛓️

@chainguard_dev

2 years

Please sign your commits.😽

5

6

37

Chainguard ⛓️

@chainguard_dev

1 year

Last year we built and open-sourced the Rekor Search UI project. Today, we're excited to announce that we are donating it to @projectsigstore ! 😎

Chainguard contributes Rekor Search project to Sigstore

Chainguard announces its donating the Rekor Search UI project to Sigstore, allowing users to conveniently search entries in the public Rekor transparency log.

www.chainguard.dev

0

16

37

Chainguard ⛓️

@chainguard_dev

2 years

Log4j vulnerability: 1 year anniversary update 🫠

1

5

36

Chainguard ⛓️

@chainguard_dev

2 years

🥳We are thrilled to share that we have joined @CloudNativeFdn ! Cloud native is a fast-growing space and it’s of utmost importance for everyone to have secure supply chains. 🔐

0

5

36

Chainguard ⛓️

@chainguard_dev

2 years

Open source software is built on trust. That is why we support @pypi 's efforts to establish more security and trust within the Python ecosystem. 💚 🐍 @lorenc_dan @tracymiranda @lisaironcutter

We applaud PyPI steps to make Python more secure

Chainguard applauds PyPI's mandatory 2FA for critical projects, a step towards securing the Python software supply chain.

www.chainguard.dev

0

10

36

Chainguard ⛓️

@chainguard_dev

1 year

We are honored to be awarded $200,000 by @dhsscitech , to create an SBOM composition tool by developing the conceptual schema of how to join SBOMs. We will also create test suites of both individual and combined SBOMs! 🚀💣 Congrats to all awardees!!

0

5

36

Chainguard ⛓️

@chainguard_dev

3 years

We're thrilled to share that @chainguard_dev 's @lorenc_dan has been elected to @theopenssf Technical Advisory Council (TAC). The TAC works together to develop the technical vision for the open source community to tackle securing the software lifecycle. Congratulations!

brianbehlendorf

@brianbehlendorf

3 years

Congrats to @lorenc_dan @rdcallaw @infernosec and @decodebytes for their election to @theopenssf Technical Advisory Council, and congrats to @iancoldwater for their re-election as the Security Community Individual Representative to the OpenSSF board. 🗳️ 🎉🎉🎉

3

26

130

1

5

35

Chainguard ⛓️

@chainguard_dev

1 year

🆕 Chainguard Images updates to better support development teams to secure their software supply chain: 🗃️Introducing Images Catalog *💯+ hardened images available* ‍🔐Authentication for proactive security guidance ‍🏗️Reliable infrastructure

Scaling Chainguard Images with a growing catalog and proactive security updates

Chainguard Images boosts support for enterprise development teams with expanded catalog offerings, a dedicated registry, and proactive security notifications.

www.chainguard.dev

1

16

36

Chainguard ⛓️

@chainguard_dev

2 years

Security engineers trying to fix a hack after months of warning their CISO about known vulnerabilities 🫠

1

3

36

Chainguard ⛓️

@chainguard_dev

3 years

Keyless signing is now available on @Azure AKS. Learn how to perform seamless keyless signing with @projectsigstore and @tektoncd on AKS by @nghiatc

0

15

36

Chainguard ⛓️

@chainguard_dev

3 years

Learn more about Fulcio, @projectsigstore 's free code signing CA, here:

0

13

36

Chainguard ⛓️

@chainguard_dev

2 years

The one security engineer at the company keeping up with product launches 🎢😵‍💫

3

5

35

Chainguard ⛓️

@chainguard_dev

2 years

🤡

2

4

35

Chainguard ⛓️

@chainguard_dev

2 years

Date yourself by naming a video game you played as a kid 🎮

153

2

34

Chainguard ⛓️

@chainguard_dev

2 years

SBOM generation tools can produce different results 🤔 How do we reconcile this? Read this post by @puerco to learn how to deal with multiple SBOMS 👇

Dealing with multiple SBOMs

Managing multiple SBOMs: Strategies for consolidating and utilizing multiple SBOMs to gain a comprehensive view of software components and dependencies.

www.chainguard.dev

1

14

35

Chainguard ⛓️

@chainguard_dev

2 years

Just when you're feeling accomplished...

2

5

35

Chainguard ⛓️

@chainguard_dev

2 years

no words, just results 😎

10

11

34

Chainguard ⛓️

@chainguard_dev

2 years

*insert humble brag here* 🤭💪

The 13 most promising cybersecurity startups of 2022, according to VCs

Cybersecurity startups are cashing in on a hot market. Here are the 13 most promising cybersecurity tech startups of 2022, according to VCs.

www.businessinsider.com

1

3

34

Chainguard ⛓️

@chainguard_dev

2 years

Join us for an (almost) CHAINSMAS😈 chat on our favorite topic🎄 ✨On the agenda✨ 📝Highlights of 2022 🎁What to expect in 2023 🤓Ask us anything software security What else do you want us to cover? Comment below with questions!! 💜

4

13

34

Chainguard ⛓️

@chainguard_dev

2 years

Sunday after a big week vibes 😌

0

1

34

Chainguard ⛓️

@chainguard_dev

1 year

Do you have high standards for a secure base image? We launched the perfect app for that. 😉 Meet GitCommitted 💞

1

20

32

Chainguard ⛓️

@chainguard_dev

2 years

Today Chainguard researcher, Zack Newman chatted with students from @NCState about @projectsigstore & the importance of code signing. Thank you to the Computer Science Dept @cscncsu for hosting us! 🥳

0

5

34

Chainguard ⛓️

@chainguard_dev

2 years

apko 0.1 🔹 new tool 🔹 build APK-based images from scratch 🔹 use only the necessary components 🔹 first step to "distroless" for @AlpineLinux 🔹 reproducible images w/minimal attack surface

Introducing apko: bringing distroless nirvana to Alpine Linux

Introducing apko, a tool for building minimal, secure, and reproducible "distroless" container images from Alpine Linux, enhancing software supply chain security

www.chainguard.dev

0

5

32

Chainguard ⛓️

@chainguard_dev

1 year

Happy Monday, friends! 🥳

0

3

32

Chainguard ⛓️

@chainguard_dev

2 years

Sorry @lorenc_dan , not even if the “CEO” asks.

5

2

33

Chainguard ⛓️

@chainguard_dev

2 years

Gratitude thread: Tag an open-source maintainer you appreciate 🥰

16

2

33

Chainguard ⛓️

@chainguard_dev

2 years

Congratulations to the @KnativeProject ! @chainguard_dev ❤️ @KnativeProject We wrote about why this news matters for software security:

Knative is now a CNCF project, and why this matters for software security

Knative joins CNCF, boosting software security through open governance, wider adoption, and community-driven improvements.

www.chainguard.dev

CNCF

@CloudNativeFdn

2 years

[NEWS] We're excited to welcome the @KnativeProject to the #CNCF Incubator! 👋 🤗 Read more about the project 👉

1

67

138

1

11

32

Chainguard ⛓️

@chainguard_dev

2 years

Wise words from @priyawadhwa16 at #SigstoreCon 🤗

1

6

33

Chainguard ⛓️

@chainguard_dev

2 years

As part of today’s White House Open Source Security Summit, we are calling on the broader industry and governments to standardize digital signatures for software security with @projectsigstore from @theopenssf Read more ⬇️

A call to standardize on digital signatures for software security with Sigstore

Chainguard calls for software industry standardization on Sigstore and government support, pledging resources to the OpenSSF's public infrastructure.

www.chainguard.dev

0

18

31

Chainguard ⛓️

@chainguard_dev

1 year

✅Bucket list accomplished in bucket hats: The Chainguard founders and our investors, @TheChainsmokers , in Las Vegas last week. Great to connect with so many customers and security leaders during this special experience co-hosted with @mantisVC ! ⛓️

4

33

Chainguard ⛓️

@chainguard_dev

2 years

OH @ #Kubecon : 2022 became the year of software supply chain security. 🔐

1

3

33

Chainguard ⛓️

@chainguard_dev

2 years

Happening NOW: ☸️ From K8s with ❤️ Open Tools for Open, Secure Supply Chains with @puerco 🫶🙌 #OSSummit

1

4

33

Chainguard ⛓️

@chainguard_dev

3 years

The Chainguard team went to KubeCon + CloudNativeCon North America 2021 and is now back and fresh. Time for some quick reflection...

0

7

31

Chainguard ⛓️

@chainguard_dev

11 months

Your artisanally crafted single-origin app, on top of whatever vulnerability-laced base image you use today ☕️

2

3

32

Chainguard ⛓️

@chainguard_dev

10 months

#KUBECON CHICAGO, we’re locked in! 📍Booth Q12 🔐Security in Session 💃OSS Security Soirée 🎤Kuberoke 🥳 PartyCon ‘23 Check our full schedule of speakers, enter to win a Maersk Line Lego container ship & save your spots👇 We can’t wait to meet you! ☸️

6

9

32

Chainguard ⛓️

@chainguard_dev

2 years

🤓

4

1

32

Chainguard ⛓️

@chainguard_dev

2 years

🥰 SOFTWARE SUPPLY CHAIN SECURITY COMMUNITY GRATITUDE TWEET! 🤝 We're thankful to be working together to help make software more secure for all. 💜 Let's tag folks we're grateful for and want to recognize in this thread:

4

6

32