Chainguard Images
ChainguardExternal reviews
44 reviews
from
External reviews are not included in the AWS star rating for the product.
We used chainguard base images to
What do you like best about the product?
Using chainguard essentially eliminates container library vulnerabilities coming from our Docker base images (as well as standard package installs!). When we scan our chainguard based images with grype, or snyk, the only vulnerabilities left are from our application installs. We are in the process of implementing chainguard base images across the enterprise, and are expecting over 80% reduction in open vulnerabilities across the board. Chainguard's customer support is excellent, they are one of the best software vendors I have ever worked with.
What do you dislike about the product?
The only real downside is you have to modify your Dockerfiles to work with the Wolfi OS, which is alpine-like (i.e. you have to use apk, etc.) If your current base image is not alpine based, there is some learning curve and work.
What problems is the product solving and how is that benefiting you?
We have a significant backlog of known container vulnerabilities in our containers. Hardening and managing clean base images is a lot of work and takes specialized expertise that our development teams don't have. Changuard provides base images that work out of the box for most of our tech stacks and alleviates the need to manage hardened base images ourselves.
Simplifying security
What do you like best about the product?
Security is hard on its own, and while many vendors focus on selling detection products, Chainguard does the opposite and solve a painful problem with little effort from users.
What do you dislike about the product?
Chainguard offers some free to use images, but only "latest" version and not stable versions. This makes impossible to use as an individual or for open source projects.
What problems is the product solving and how is that benefiting you?
Zero security vulnerability containers.
My experiences using Chainguard Nodejs base image was amazing!
What do you like best about the product?
- Very small image size,
- Very small to none CVEs from my experiences.
- Very large repo supporting many languages and technologies,
- Ease to use,
- Ease of implementation.
- Very small to none CVEs from my experiences.
- Very large repo supporting many languages and technologies,
- Ease to use,
- Ease of implementation.
What do you dislike about the product?
A great part of it, is free, but for some custom implementation or features , you may pay.
What problems is the product solving and how is that benefiting you?
CVEs, better quality software.
Chainguard makes securing applications much easier
What do you like best about the product?
It's simplicity. Changing from a regular Image to use a Chainguard image as the base helps mitigate a lot of vulnerabilities, and it's a change any developer would be able to easily implement.
This is something that I would recommand to any developer or business that is looking to harden their applications. Securing the base image is the first step everyone should take.
This is something that I would recommand to any developer or business that is looking to harden their applications. Securing the base image is the first step everyone should take.
What do you dislike about the product?
I have some uncertaincies about what the support will look like for users using the Developer Free tier in the future. Would like them to sllow all image versions and not just latest/stable for Free Tier.
What problems is the product solving and how is that benefiting you?
Bring simplicity to security. It hardens the application image that our containers use to run.
Game-Changer
What do you like best about the product?
Since implementing Chainguard's hardened base images, we've seen a dramatic reduction in vulnerabilities—over 70%. This reduction not only enhances our security posture but also saves our engineering teams an enormous amount of time that would otherwise be spent on vulnerability management and patching. Chainguard's approach introduces excellent security practices out of the box, meaning our engineers no longer have to worry about critical security concerns like rootless containers, proper permissions, and secure registries.
Chainguard sets itself apart by providing supply chain security through purpose-built packages in their registry, making it clear that while competitors might still be playing catch-up in the minor leagues, Chainguard is clearly in a league of its own, setting the standard for supply chain security. We've maximized the value of these images by ensuring reuse across our organization, categorizing images into language-based and application-based groups. This strategy allows us to gain the most value through frequent reuse of language-based images, while our centralized platform engineering teams benefit from using application-specific images at a different scale.
To drive adoption, we've integrated Chainguard images into our centralized internal developer portal, which our developers are already familiar with and use regularly. This seamless integration has significantly boosted adoption rates, further supported by our vulnerability management reduction program. Through this program, we've been able to recommend Chainguard images, reassuring teams that transitioning will save time and energy.
The service level agreements (SLAs) provided by Chainguard are also very attractive. The high speed of image updates ensures that we are always protected with the latest security enhancements. We've even integrated Chainguard into our automatic update tools, so our developers are always confident that they're working with the most up-to-date versions.
Overall, Chainguard's hardened base images have been a game-changer for our organization, providing unparalleled security, efficiency, and peace of mind.
Chainguard sets itself apart by providing supply chain security through purpose-built packages in their registry, making it clear that while competitors might still be playing catch-up in the minor leagues, Chainguard is clearly in a league of its own, setting the standard for supply chain security. We've maximized the value of these images by ensuring reuse across our organization, categorizing images into language-based and application-based groups. This strategy allows us to gain the most value through frequent reuse of language-based images, while our centralized platform engineering teams benefit from using application-specific images at a different scale.
To drive adoption, we've integrated Chainguard images into our centralized internal developer portal, which our developers are already familiar with and use regularly. This seamless integration has significantly boosted adoption rates, further supported by our vulnerability management reduction program. Through this program, we've been able to recommend Chainguard images, reassuring teams that transitioning will save time and energy.
The service level agreements (SLAs) provided by Chainguard are also very attractive. The high speed of image updates ensures that we are always protected with the latest security enhancements. We've even integrated Chainguard into our automatic update tools, so our developers are always confident that they're working with the most up-to-date versions.
Overall, Chainguard's hardened base images have been a game-changer for our organization, providing unparalleled security, efficiency, and peace of mind.
What do you dislike about the product?
The documentation at times fall a little behind and the modern authentication mechanisms at times can create difficulties in integrating with other existing platforms that are not yet supportive of technologies like OIDC. Quite a few of the images require rework to convert from a standard Dockerhub image however, I believe that's expected.
What problems is the product solving and how is that benefiting you?
Reducing container, image, vulnerabilities and creating a solid secure base to build upon
Time-Saving, Secure Containers Solutions!
What do you like best about the product?
Chainguard allows developers to save a lot of time and effort by providing ready-to-use container images that are secure. In addition, the images provided are very lightweight.
What do you dislike about the product?
The custom linux distribution may be harder to work with, but wolfi-base is still quite similar to Alpine and hence not too complex.
What problems is the product solving and how is that benefiting you?
They provide off the shelf image solutions to secure you deployment/release containers. In other words, Chainguard allows you to secure the environment in which you deploy your applications to.
Chainguard has changed the game when it comes to remediating vulns in images.
What do you like best about the product?
I love the ease of use for our dev teams to switch over and cut their vulnerabilities down. Integrating it into our pipelines has been very easy. Customer support has been excellent and responsive.
What do you dislike about the product?
At this time of using the product I do not have any dislikes
What problems is the product solving and how is that benefiting you?
Teams have been struggling to bring their vulnerabilities down on their images. This takes so much off their plates and not having to worry about it.
Looking for the best distroless images on the market? Chainguard is the way to go!
What do you like best about the product?
I wrote a paper on container image security, evaluating the security of containers through reduction of potentially vulnerable components. It concludes that the usage of component reduction methods significantly reduces the amount of security vulnerabilities within container images. It also finds that, even though the probability of exploitation of the majority of vulnerabilities found by scanners is very low, employing them still is a strategically sound decision. When comparing different images with component reduced (i.e. "distroless images") alternatives, chainguard did by far the best job. As a consultant supporting product security teams in large enterprises we are recommending to integrate chainguard images to development teams and decision makers. It will save a lot of dicsussions, headaches and money!
Please find the paper here: https://mwager.de/assets/component_reduction_paper.pdf
Please find the paper here: https://mwager.de/assets/component_reduction_paper.pdf
What do you dislike about the product?
Nothing so far. Have a look at the paper, it clearly shows that Chainguard did the best job compared to all other alternatives.
What problems is the product solving and how is that benefiting you?
Chainguard provides container images containing zero CVEs (security vulnerabilities within the supply chain) for a lot of relevant runtimes and popular services, is easy to use and integrate and also provides excellent documentation.
Minimal and easy to use
What do you like best about the product?
Our workloads are entirely statically linked binaries so we were looking for a minimal base image and Chainguard's static image perfectly fits the bill.
What do you dislike about the product?
We don't use other chainguard images since we'd only have access to the latest image, and our infrastructure relies heavily on reproducibility which we can't guarantee with floating tags.
What problems is the product solving and how is that benefiting you?
Never having to worry about CVEs in our main application container images.
Excellent solution to a significant security problem
What do you like best about the product?
Knowing what's actually running in the container images you're using in your infrastructure has always been a security weakness of the container ecosystem. Chainguard makes it relatively simple to verify that your imagines are clean of significant vulnerabilities.
What do you dislike about the product?
The system is as good as practically possible but, at the end of the day, you're still relying on outsiders for your security.
What problems is the product solving and how is that benefiting you?
Chainguard makes it possible to ensure the container images you use are clean of vulnerabilities.
showing 21 - 30