SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Australia
Developer workspace secure containers kubernetes cloud diagrams
#
Virtualisation
#
DevOps
#
Cloud Security

Chainguard unveils free starter pack for secure images

Fri, 20th Mar 2026
Author image
By Sofiah Nichole Salivio, News Editor

Chainguard has launched a free tier for its container image catalogue, giving developers a starter pack of five images from a library spanning more than 2,100 open source projects and nearly 400,000 architecture-specific image versions.

Called Chainguard Catalog Starter, the package targets teams that build and deploy containerised applications. It also reflects a broader shift in security towards reducing reliance on downstream vulnerability scanning by tightening controls where dependencies enter the build.

Container images package the environment needed to run software, typically combining an operating system base with application components and third-party libraries. They are now a standard unit of deployment in cloud-native development and a common focus for security teams, because weaknesses in underlying dependencies can reach production systems.

Chainguard is positioning Catalog Starter as different from free tiers that restrict access to production-grade artefacts, saying it provides the same images teams deploy in production.

AI and supply chain

Chainguard tied the launch to the growth of AI-assisted development and the security impact of faster software delivery. AI coding tools have increased the pace at which developers assemble and update applications, which can raise the volume of third-party code entering projects.

Defenders, meanwhile, face pressure to manage a growing set of vulnerabilities and respond to rapid changes in upstream open source projects. This has pushed organisations to emphasise provenance, build pipelines, and repeatable dependency management to reduce exposure before code reaches runtime environments.

Dan Lorenc, Chainguard's CEO and co-founder, said the goal is to broaden access to trusted components early in development.

"Developers are moving faster than ever, and AI is amplifying both productivity and risk. In this new era of software development, engineering teams need to be able to standardise on open source components they can trust," said Dan Lorenc, CEO and Co-founder, Chainguard.

What developers get

Catalog Starter provides five free images of the user's choice. Chainguard said the selection covers "every available version" across its base, application, and AI image sets.

The images are described as minimal and continuously rebuilt. In practice, frequent rebuilds can affect how quickly fixes reach downstream deployments, particularly when build systems regularly pull updated artefacts rather than relying on infrequent manual refreshes.

Chainguard said the approach aims to reduce exposure to known vulnerabilities through continuously rebuilt artefacts and to align development and production by providing access to the same images used in production.

Jean Atelsek, senior research analyst at 451 Research, part of S&P Global Energy, said broader access to hardened images could improve security across container ecosystems.

"As AI accelerates software development, modern applications face growing exposure to vulnerabilities," said Jean Atelsek, Senior Research Analyst, 451 Research, part of S&P Global Energy. "Expanding developer access to hardened images reduces downstream work and raises the security baseline across the container ecosystem. Broad availability of trusted artifacts ultimately benefits not just individual teams but the software supply chain as a whole."

Catalogue scale

Chainguard's catalogue is built through its Chainguard Factory, which it describes as the software production system used to create and maintain images. Chainguard said it recently rebuilt the factory with AI at its centre and that the catalogue has more than doubled in size over the past year.

Chainguard said the catalogue now includes more than 2,200 open source projects with an available container image, alongside nearly 400,000 architecture-specific image versions. It also cited 30,000 unique Chainguard OS packages and hundreds of thousands of package versions.

Beyond container images, the company has expanded tooling and artefacts for deployment and compliance. It pointed to Community Helm Charts, upgraded software bills of materials, additional customisation options including Custom Certificate support for Custom Assembly, and an expansion of Private APK Repositories.

Chainguard said Chainguard Catalog Starter is available now. The five-image allocation is intended as an entry point for developers and small teams that want to start with a limited set of images before expanding across more projects.

Related stories
CIQ launches Linux compliance platform ahead of deadlines
Emerson & OPSWAT strike global reseller deal for OT patching
IWF & Cyacomb launch workplace abuse material scans
Cork Cyber adds automated mapping to Vantage platform
How Atomgate uses education and partnership to drive successful SonicWall upgrades

Top stories

Team Cymru launches Total Insights Feeds for threat data
FIRST conference highlights AI & CVE disclosure push
Protegrity launches AI Team Edition for secure inferencing
OpenAI launches Trusted Access for Cyber with major names
Anthropic launches Claude Opus 4.7 with stronger coding