Sold by: ChainguardÂ
Deployed on AWS
Chainguard Images are a collection of minimal, hardened container images that are patched and rebuilt daily, and come with low-to-zero known CVEs, SLSA 2 compliance, signatures, and SBOMs.
Overview
Chainguard Images are a collection of minimal, hardened container images. They only contain what is required to build or run your application, delivering on average a 97.6% reduction in CVEs. Each Chainguard Image is patched and rebuilt daily from source with the latest security fixes and CVE remediations, resulting in low-to-zero known CVEs, verifiable image signatures and attestations, high-quality SBOMs, and SLSA Level 2 - Build compliance.
The Chainguard Images inventory contains images for the most popular base images, including Go, Python, Ruby, PHP, Node, and more; and a selection of common developer tools, applications, data products, and servers.
Chainguard Production Images are available for FIPS compliance, major and minor versions, enterprise SLAs, and customer support. Chainguard offers custom pricing through AWS Marketplace Private Offers.
Chainguard provides custom pricing for customers via Private Offer. Please contact AWS-marketplace@chainguard.dev for more information on our pricing model. Pricing displayed is per Image.
Highlights
- Low-to-zero known CVEs with daily patches and rebuilds
- Full SLSA Build Level 2 provenance, signatures, and SBOMs
- Images with FIPS validation available upon request
Details
Sold by
Categories
Delivery method
Deployed on AWS
Unlock automation with AI agent solutions
Fast-track AI initiatives with agents, tools, and solutions from AWS Partners.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Starter Images | :latest version of OSS packages | $0.00 |
Application Image | The listed pricing is for illustrative purposes only and does not reflect actual pricing, which will be provided upon request, exclusively as part of a private offer from Chainguard | $0.01 |
Base Image | The listed pricing is for illustrative purposes only and does not reflect actual pricing, which will be provided upon request, exclusively as part of a private offer from Chainguard | $0.01 |
FIPS Image | The listed pricing is for illustrative purposes only and does not reflect actual pricing, which will be provided upon request, exclusively as part of a private offer from Chainguard | $0.01 |
AI Image | The listed pricing is for illustrative purposes only and does not reflect actual pricing, which will be provided upon request, exclusively as part of a private offer from Chainguard | $0.01 |
Standard CSM | The listed pricing is for illustrative purposes only and does not reflect actual pricing, which will be provided upon request, exclusively as part of a private offer from Chainguard | $0.01 |
Vendor refund policy
Contact us for refund information
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA)Â .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Chainguard
By Hardened Images
By RapidFort Inc
Top
10
In Application Stacks, Operating Systems
Top
100
In Collaboration & Productivity, Application Development
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Container Image Security
Minimal and hardened container images with low-to-zero known CVEs through daily patching and rebuilding
Compliance Verification
SLSA Level 2 build compliance with verifiable image signatures and attestations
Software Bill of Materials
High-quality Software Bill of Materials (SBOMs) generated for each container image
Image Minimalism
Container images containing only essential components required for application build or runtime
Cryptographic Integrity
Cryptographic signatures and provenance tracking for container image validation
Security Configuration
Pre-configured security safeguards with minimized attack surfaces and default protective measures
Compliance Framework
Vendor-neutral security configuration aligned with multiple cybersecurity compliance standards
System Optimization
Preconfigured Linux system tailored for system administrators, security experts, and platform deployment professionals
Security Standard Adherence
Image developed through consensus-based approach following industry-recognized security benchmarks
Vulnerability Reduction
Automatically removes up to 95% of Common Vulnerabilities and Exposures (CVEs) without requiring code modifications
Software Supply Chain Security
Generates high-quality Software Bill of Materials (SBOMs) in multiple standard formats including JSON, SPDX, and Cyclone DX
Continuous Security Hardening
Provides daily patched and hardened images for operating systems, frameworks, and applications with near-zero vulnerability status
CI/CD Integration
Supports seamless integration with multiple popular continuous integration and container deployment platforms through API calls
Compliance Automation
Enables compliance with security standards including FedRAMP, DSS, and PCI through automated vulnerability management and remediation
Standard contract
No
Customer reviews
0 ratings
0 AWS reviews
|
40 external reviews
Star ratings include only reviews from verified AWS customers. External reviews can also include a star rating, but star ratings from external reviews are not averaged in with the AWS customer star ratings.
Insurance
Great product, great customer service
Reviewed on Jul 24, 2025
Review provided by G2
What do you like best about the product?
A wealth of images and packages at the highest standard of security.
What do you dislike about the product?
It’s kinda pricey for a startup, but, ultimately, worth it
What problems is the product solving and how is that benefiting you?
Building rocket images on top of very secure base images, using secured packages.
Charlie G.
The gold star vendor: sales, onboarding implementation, support, and product
Reviewed on Jul 24, 2025
Review provided by G2
What do you like best about the product?
The chainguard team was able to meet us where we were at, move extremely quickly to meet our deadlines, and everything _just worked_.
What do you dislike about the product?
Wiz sometimes detects false positives in cgr images.
What problems is the product solving and how is that benefiting you?
Passing audits, and getting our vuln counts to zero.
Naweed J.
Why we chose Chainguard for securing container images
Reviewed on May 27, 2025
Review provided by G2
What do you like best about the product?
Chainguard’s minimalist, hardened container images with zero known CVEs, is going to significantly reduce our vulnerability management overhead. Not having to constantly chase patch cycles will save our teams countless hours.
The images are not just secure by default but gives us the confidence in both their integrity and provenance. We are currently looking at wider adoption across our teams and the society. What sets Chainguard apart is their commitment to transparency and compliance, making them a top choice for organisations with high security and regulatory requirements. If you are looking to build a secure, resilient container strategy, Changuard is worth serious consideration.
The images are not just secure by default but gives us the confidence in both their integrity and provenance. We are currently looking at wider adoption across our teams and the society. What sets Chainguard apart is their commitment to transparency and compliance, making them a top choice for organisations with high security and regulatory requirements. If you are looking to build a secure, resilient container strategy, Changuard is worth serious consideration.
What do you dislike about the product?
This is very stage at the moment, but we look forward to working closely with Chainguard for feedbacks we get from our team as we start our wider rollout.
What problems is the product solving and how is that benefiting you?
We spend countless hours triaging CVEs, chasing patches and validating fixes - only to repeat the process when another image or dependency gets flagged. This endless cycle drains time, and slows down releases, Chainguard addresses this by eliminating the problem at the source with their secure, minimal images.
Shift left has become a must in modern DevSecOps, pushing security earlier into the development cycle to catch vulnerabilities before they reach production. By embedding security early in our CICD pipelines, Chainguard will allow the team to focus on building features and not fixing vulnerabilities, it's about making left lighter.
Shift left has become a must in modern DevSecOps, pushing security earlier into the development cycle to catch vulnerabilities before they reach production. By embedding security early in our CICD pipelines, Chainguard will allow the team to focus on building features and not fixing vulnerabilities, it's about making left lighter.
Financial Services
Fantastic Product and an Even Better Team!
Reviewed on May 23, 2025
Review provided by G2
What do you like best about the product?
From scoping to project completion the Chainguard team was amazing to work with and provided excellent customer support! The ease of use, implementation and integration also helped! Looking forward for new features being released!
What do you dislike about the product?
I have found no issue while working with the product so far!
What problems is the product solving and how is that benefiting you?
Chainguard is helping us reduce vulnerabilities by shifting left and reducing engineering time that it takes to patch vulnerabilities, saving us time and money!
Chandra G.
Secure, Minimal, and Well-Supported — A Great Experience with Room for Transparency Improvements
Reviewed on May 19, 2025
Review provided by G2
What do you like best about the product?
Chainguard Images have been a transformative addition to our software supply chain strategy. The minimal, hardened, and continuously verified container images significantly reduce our attack surface while ensuring compliance and operational reliability.
One of the biggest pain points in container security is managing outdated or bloated base images filled with vulnerabilities. Chainguard solves this brilliantly with distroless, signed images that are continuously updated and come with built-in provenance and SBOMs. It’s clear they’ve thought deeply about what modern development teams need to build secure-by-default applications.
What really sets Chainguard apart, though, is their exceptional support. From day one, their team has been proactive, responsive, and genuinely invested in our success. Whether it was help with integration, optimizing our image choices, or answering security policy questions, their support engineers went above and beyond. Their documentation is also thorough and developer-friendly, which makes onboarding smooth and intuitive.
In summary: Chainguard Images bring peace of mind to any DevSecOps team, and their world-class support makes them a true partner in software supply chain security. Highly recommended for anyone building or deploying containers in a production environment
One of the biggest pain points in container security is managing outdated or bloated base images filled with vulnerabilities. Chainguard solves this brilliantly with distroless, signed images that are continuously updated and come with built-in provenance and SBOMs. It’s clear they’ve thought deeply about what modern development teams need to build secure-by-default applications.
What really sets Chainguard apart, though, is their exceptional support. From day one, their team has been proactive, responsive, and genuinely invested in our success. Whether it was help with integration, optimizing our image choices, or answering security policy questions, their support engineers went above and beyond. Their documentation is also thorough and developer-friendly, which makes onboarding smooth and intuitive.
In summary: Chainguard Images bring peace of mind to any DevSecOps team, and their world-class support makes them a true partner in software supply chain security. Highly recommended for anyone building or deploying containers in a production environment
What do you dislike about the product?
One area that could use improvement is transparency around source code and SBOM (Software Bill of Materials) access. While the images are secure and well-maintained, having easier access to corresponding source repositories and complete SBOMs—preferably in an automated or standardized format—would help us meet internal audit and compliance requirements more seamlessly.
What problems is the product solving and how is that benefiting you?
The built-in signing, provenance, and emphasis on secure defaults have given our team increased confidence in what we’re deploying. Integration was straightforward, and the developer experience has been smooth from the start.