The AI-powered factory rebuilding open source

Reconciler bots and AI agents run continuously across our entire catalog — so every artifact you get from Chainguard meets the same security standard.

$ chainguard factory --watch
monitoring 2,847 upstream sources
registries · repos · CVE feeds · distro trackers
drift detected: nginx@1.27.4 → 1.27.5
reconciler started · diffing desired vs. actual
applying patch · queuing rebuild
! reconciler stuck: patch conflict at NGINX/conf.d:42
dispatching agent.fix-patch
resolved in 4.2s · retrying build
build passed · tests passed · SLSA L3 attested
signed: sha256:9c8a3f…d4
delivered: cgr.dev/chainguard/nginx:1.27.5

Why we built it

A factory built for what's coming.

Modern security demands artifacts that are always up to date, and the only way to deliver that at scale is to rebuild them, automatically, around the clock. So we built a factory that does exactly that. Thousands of artifacts, every shape your team needs, all kept current to the same hardened standard.

Why the Factory earns its trust

Every layer of the supply chain has its own attack surface. The Factory applies a specific control to each.

SHA-pinned source inputs

Every build starts with an immutable SHA reference to the upstream source. If a maintainer's account is compromised and bad code is ingested, we detect it immediately.

Cryptographic verification end-to-end

We sign every artifact we ship. If anyone tampers with it in transit or in a registry, the signature breaks and you catch it.

Built from source in an isolated environment

Every package is rebuilt from source in an isolated SLSA L3 environment on our own minimal OS, so no pre-built binary can bring malicious code into your stack.

Supervisor / guest separation

The privileged orchestration code is strictly isolated from untrusted upstream code during builds. Even if that code is malicious, it can't reach our signing keys.

Bitwise reproducibility

Every image is rebuilt with a separate apko toolchain to produce a bitwise-equivalent result. An attacker would have to compromise both toolchains to evade detection.

Production hygiene

Stolen credentials become useless within 24 hours. Hardware-key MFA can't be phished. Even authorized users get flagged the moment access looks unusual.

Where Chainguard fits into your stack and SDLC

Results that speak for themselves

A secure foundation for software development and deployment

352,000+

Engineering Hours Saved

88,000+

CVEs Remediated

20 hours

Avg. Remediation Time for Critical CVEs

80%

Reduction in Attack Surface

97.6%

Avg. Reduction in CVEs
