Today, security company Chainguard announced its first product, Chainguard Enforce, an open-source supply chain security tool that’s built natively for Kubernetes.
The solution allows users to define, manage, and distribute security policies across their Kubernetes environments to ensure that only trusted container images are deployed in clusters.
Chainguard Enforce allows security teams to mitigate supply chain threats in Kubernetes production environments by giving them more control over what’s allowed and offering more transparency over the code that is running.
Securing the supply chain
Chainguard Enforce’s release comes as more organizations are becoming increasingly concerned about cybercriminals attacking vulnerabilities in the software supply chain, with research highlighting that supply chain attacks grew by over 300% in 2021 compared to 2020.
These attacks have increased dramatically as attackers have realized organizations are failing to secure infrastructure from third-party suppliers.
For instance, CrowdStrike found that only 36% of organizations had vetted all new and existing suppliers for security purposes in the last 12 months.
“Most organizations don’t have a clear picture of what code is running in production, where it came from and how it was built. This problem is compounded with the use of open-source software and the sheer number of dependencies that are intertwined. It’s impossible to determine what code should be trusted or not when the data simply isn’t available to make those decisions,” said Chainguard’s cofounder and CEO Dan Lorenc.
“Additionally, organizations spend an exorbitant amount of time after a supply chain attack trying to assess if they’re running the vulnerable software and impacted. Chainguard Enforce provides the integrations, tooling insights, and security controls that make this problem tractable,” Lorenc said.
Chainguard Enforce offers manageable solutions for security concerns in production environments by increasing transparency over what’s running while giving teams the information they need to make evidence-based trust decisions on what should and shouldn’t be allowed to run in production.
The software supply chain security market
With the SolarWinds breach first highlighting the need for supply chain security two years ago, and more recently the Log4j vulnerability wreaking havoc on enterprises around the world, many security providers have stepped up to address the challenge of securing the supply chain, competing with Chainguard.
One such competitor is Synopsys, which offers an application security solution with software composition analysis that can detect open-source vulnerabilities in development and production. Synopsys recently announced that it had generated nearly $1.2 billion in revenue for the fourth quarter of 2021.
Another competitor is the recently launched Israeli startup Legit Security, which earlier this year raised $30 million as part of a series A funding round, with a software-as-a-service (SaaS)-based software supply chain security solution that can automatically discover pipelines, infrastructure, code, and other software development life cycle (SDLC) assets, so users can identify vulnerabilities throughout their environments.
While the supply chain security market is in its infancy, Chainguard Enforce is looking to differentiate itself by becoming the definitive supply chain security solution for securing the Kubernetes services that many organizations rely on.