# Chainguard

**Source:** https://geo.sig.ai/brands/chainguard  
**Vertical:** Security  
**Subcategory:** General  
**Tier:** Emerging  
**Website:** chainguard.dev  
**Last Updated:** 2026-04-14

## Summary

Seattle software supply chain security (founded 2021); $892M+ raised, $3.5B valuation (Apr 2025), $40M ARR growing 640% YoY with zero-CVE container images for ANZ Bank/Canva/GitLab competing with Snyk for DevSecOps.

## Company Overview

Chainguard is a Seattle, Washington-based software supply chain security company — having raised over $892 million total including a $356 million Series D in April 2025 at a $3.5 billion valuation and an additional $280 million growth financing from General Catalyst's Customer Value Fund in late 2025 — providing enterprises with hardened open source container images and virtual machine base images rebuilt from source daily with zero known CVEs (common vulnerabilities and exposures), eliminating the vulnerability debt that accumulates in standard open source distributions. Founded in 2021 by CEO Dan Lorenc (9 years at Google securing code and infrastructure), Kim Lewandowski (Google representative on the Open Source Security Foundation Governing Board), Matt Moore (Google, creator of the original "distroless" container image), and Ville Aikas (co-founder of Kubernetes), Chainguard's founding team pioneered the open source supply chain security concepts — sigstore (code signing), SLSA (supply chain levels for software artifacts), and distroless containers — that became CISA and NIST software security standards. The company grew from ~$5 million ARR in 2023 to $40 million ARR by January 2025 (640% year-over-year growth) and projects exceeding $100 million ARR before end of 2026. Chainguard serves 150+ paying enterprise customers including ANZ Bank, Canva, GitLab, HPE, Snap, Wiz, and Anduril.

Chainguard's minimal container image model addresses the vulnerability accumulation problem that standard open source distributions create for enterprise security teams: a standard Ubuntu or Debian base container image packages hundreds of OS libraries (curl, OpenSSL, Python, glibc) that were included for developer convenience but are unnecessary for production container workloads — creating a CVE surface area of 100-500 known vulnerabilities in base images that security scanners flag but operations teams cannot patch fast enough given daily CVE publication rates. Chainguard's approach (rebuilding each container image from verified source code daily, including only the runtime dependencies each specific workload requires, and generating cryptographically signed SBOMs — software bills of materials — for each build) produces container images with zero known CVEs at the time of release, reducing the vulnerability backlog that security teams must triage and eliminating the attacker surface from unused library packages.

In 2025, Chainguard competes in the software supply chain security, container security, and open source software governance market with Red Hat (private/IBM subsidiary, RHEL and UBI container images), Snyk (private, developer security platform, $7.4B valuation), and Wiz (private, cloud security platform, $16B valuation post-Google-acquisition) for enterprise DevSecOps and container security platform adoption driven by CISA secure-by-default software mandates and SEC cybersecurity disclosure requirements. The $636 million raised in 2025 alone (Series D + General Catalyst growth financing) reflects investor conviction that software supply chain security spending is accelerating as AI-generated code and open source dependency sprawl dramatically expand the attack surface that enterprise security programs must defend. Chainguard's catalog of 1,000+ container images and VMs covers the major open source runtimes (Java, Python, Node.js, Go, Ruby, PHP) that enterprise applications depend on. The 2025 strategy focuses on expanding the catalog to cover every significant open source runtime, growing enterprise sales through direct and cloud marketplace channels, and building the AI model security capabilities (securing AI inference container images and model supply chains) that the AI infrastructure market requires.

## Frequently Asked Questions

### What is Chainguard?
Chainguard provides the trusted source for open source software through ultra-secure container images, virtual machines, and libraries built from source with zero known vulnerabilities. The company rebuilds open source software daily to eliminate vulnerabilities at the source rather than just scanning for them.

### Who are Chainguard's customers?
Chainguard serves over 150 paying enterprise customers including ANZ Bank, Canva, GitLab, HPE, Snap, Wiz, and Anduril. Customers span financial services, technology, healthcare, and other industries requiring strong software supply chain security.

### When was Chainguard founded?
Chainguard was founded in 2021 by Dan Lorenc, Matt Moore, Kim Lewandowski, and Ville Aikas—all veterans of Google's open source and cloud security teams with backgrounds in Kubernetes, Sigstore, and other foundational cloud-native projects.

### Where is Chainguard based?
Chainguard is headquartered in Kirkland, Washington. The company operates fully remote with 350+ employees and hosts bi-annual destination summits for team meetups, fostering a remote-first culture with strong collaboration.

### How much funding has Chainguard raised?
Chainguard has raised $892 million in total funding across six rounds: Seed (Amplify Partners), Series A (Sequoia), Series B ($61M), Series C ($140M), Series D ($356M), and growth financing ($280M). The company achieved a $3.5 billion valuation in April 2025.

### What makes Chainguard different from competitors?
Unlike traditional security vendors that scan for vulnerabilities, Chainguard rebuilds open source software from source daily, starting with zero known vulnerabilities. This vertically integrated approach controls the entire software supply chain from OS to final container image, eliminating vulnerabilities at the source.

### Who are Chainguard's main competitors?
Chainguard competes with container security vendors like Snyk, Aqua Security, and Sysdig, which focus on scanning existing images. Chainguard differentiates through its rebuild-from-source approach. The company also competes indirectly with cloud providers' native security offerings.

### How can I contact Chainguard?
You can contact Chainguard through their website at chainguard.dev, which offers product information, documentation, and sales inquiries. The company also maintains active community engagement through conferences and open source contributions.

### Is Chainguard hiring?
Yes, Chainguard is actively hiring across engineering, sales, customer success, and corporate functions as the company scales from $40M toward $100M+ ARR. The company was named one of Fortune's Best Workplaces in Technology and offers comprehensive benefits including unlimited PTO and 100% health coverage.

### What's the latest news about Chainguard?
In 2025, Chainguard raised $636 million ($356M Series D + $280M growth financing), tripled its valuation to $3.5 billion, achieved $40M ARR with 640% YoY growth, expanded its catalog to 1,000+ images, and launched Chainguard Libraries for JavaScript, Java, and Python.

### What is Chainguard's market position?
Chainguard is a recognized leader in software supply chain security with a $3.5B valuation, $40M ARR growing 640% YoY, and 150+ enterprise customers. The company is positioned to reach $100M+ ARR before end of 2026 as software supply chain attacks continue to increase.

### What are Chainguard's future plans?
Chainguard plans to reach over $100M ARR before the end of 2026, expand its catalog beyond 1,000 images, grow its enterprise customer base, and continue innovation in automated software rebuilding and supply chain security as the market for secure open source solutions expands.

## Tags

b2b, cybersecurity, saas, scaleup, security

---
*Data from geo.sig.ai Brand Intelligence Database. Updated 2026-04-14.*