Sold by: Chainguard
Deployed on AWS
Chainguard Images are a collection of minimal, hardened container images that are patched and rebuilt daily, and come with low-to-zero known CVEs, SLSA 2 compliance, signatures, and SBOMs.
4.8
Overview
Chainguard Images are a collection of minimal, hardened container images. They only contain what is required to build or run your application, delivering on average a 97.6% reduction in CVEs. Each Chainguard Image is patched and rebuilt daily from source with the latest security fixes and CVE remediations, resulting in low-to-zero known CVEs, verifiable image signatures and attestations, high-quality SBOMs, and SLSA Level 2 - Build compliance.
The Chainguard Images inventory contains images for the most popular base images, including Go, Python, Ruby, PHP, Node, and more; and a selection of common developer tools, applications, data products, and servers.
Chainguard Production Images are available for FIPS compliance, major and minor versions, enterprise SLAs, and customer support. Chainguard offers custom pricing through AWS Marketplace Private Offers.
Chainguard provides custom pricing for customers via Private Offer. Please contact AWS-marketplace@chainguard.dev for more information on our pricing model. Pricing displayed is per Image.
Highlights
- Low-to-zero known CVEs with daily patches and rebuilds
- Full SLSA Build Level 2 provenance, signatures, and SBOMs
- Images with FIPS validation available upon request
Details
Sold by
Categories
Delivery method
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Custom pricing options
Pricing is based on your specific requirements and eligibility. Sign in to view any offers that have been extended to you.
Legal
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Chainguard Images are a collection of minimal, hardened container images that are patched and rebuilt daily, and come with low-to-zero known CVEs, SLSA 2 compliance, signatures, and SBOMs.
Deploy your containerized workloads in a threat-resistant environment by leveraging Chainguard container hosts, backed by our CVE remediation SLA, helping you eliminate developer toil and enabling your team to focus on innovation instead of patching vulnerabilities. These minimal, low-to-zero-CVE container hosts are built entirely from source in Chainguard's SLSA Level 2 infrastructure. These container hosts include only those components required to run as a container host, along with an optimized kernel.
Deploy your containerized workloads in a threat-resistant environment by leveraging Chainguard container hosts, backed by our CVE remediation SLA, helping you eliminate developer toil and enabling your team to focus on innovation instead of patching vulnerabilities. These minimal, low-to-zero-CVE container hosts are built entirely from source in Chainguard's SLSA Level 2 infrastructure. These container hosts include only those components required to run as a container host, along with an optimized kernel.
Deploy your containerized workloads in a threat-resistant environment by leveraging Chainguard container hosts, backed by our CVE remediation SLA, helping you eliminate developer toil and enabling your team to focus on innovation instead of patching vulnerabilities. These minimal, low-to-zero-CVE container hosts are built entirely from source in Chainguard's SLSA Level 2 infrastructure. These container hosts include only those components required to run as a container host, along with an optimized kernel.
Customer reviews
Security and Investigations
Great Catalog of FIPS-Compliant Images with Easy Base Image Customization
Reviewed on Jan 21, 2026
Review provided by G2
What do you like best about the product?
There is a good catalog of fips compliant images, and they support customization by adding packages directly to a base image.
What do you dislike about the product?
Some image were missing which complicated the process of migrating all our services.
What problems is the product solving and how is that benefiting you?
It is helping us achieve fedramp high which expands our client base.
Daniel R.
Secure, Low-Vulnerability Containers That Integrate Seamlessly into Our Pipelines
Reviewed on Jan 19, 2026
Review provided by G2
What do you like best about the product?
Chainguard zero- and minimum-vulnerability containers help us deliver secure services and products to our customers with less effort and reduced cybersecurity risk. These containers are a 1-to-1 replacement for existing publicly available containers, and they integrate easily into our development pipelines with no additional effort.
What do you dislike about the product?
Chainguard containers are expensive. However, when I consider how many staff hours go into building and maintaining hardened, low-vulnerability containers for applications, the cost does pay off.
What problems is the product solving and how is that benefiting you?
Chainguard helps reduce cybersecurity risks and the effort associated with our applications by providing secure open-source containers. This, in turn, lowers our need to build and maintain low-vulnerability forks of open-source packages.
Taruj G.
Secured Workloads with Excellent Support
Reviewed on Jan 13, 2026
Review provided by G2
What do you like best about the product?
I like the hardened images and their support for debugging and other channels. I appreciate the vLLM and OSS support along with the images that we need major upgrades for. I also like their release cadence and find their customer support to be good. I value the minimal, hardened, continuously patched base images that work with vLLM, which has a fast release cadence and evolving dependencies. I also like the immutable image tags, SBOM, and continuous rebuild features.
What do you dislike about the product?
I find the lack of easy migration guides and more FDE support frustrating. Also, the initial setup was problematic for GPU services as core NVIDIA images are not supported.
What problems is the product solving and how is that benefiting you?
I use Chainguard for hardened images, better CVE metrics, securing workloads without root access, and aligning with compliance requirements.
Mathieu L.
Essential for CVE-Free Container Management
Reviewed on Nov 21, 2025
Review provided by G2
What do you like best about the product?
I appreciate Chainguard's extensive range of catalog with more than 500 public images to choose from, which significantly enhances my experience by ensuring that an image such as Linkerd is available and likely vulnerability-free compared to other sources like DockerHub. The availability of such a vast selection of images provides us with assurance and flexibility, making it easier to maintain security standards. I value the proactive approach of Chainguard in addressing CVEs by ensuring the images are rebuilt daily, which gives me confidence in their security posture. Additionally, I find the initial setup process to be very easy, and I enjoy the self-management feature allowing me to choose the right images from the catalog effortlessly.
What do you dislike about the product?
It would be great if Chainguard's container registry could sync with AWS ECR so I could use my own private registry instead. I believe it's being worked on though.
What problems is the product solving and how is that benefiting you?
I use Chainguard for vulnerability-free container images, addressing CVE vulnerabilities and rebuilding daily. It offers over 500 compatible public images, enhancing security by avoiding CVE-prone DockerHub alternatives.
Gopalji S.
Effortless Supply Chain Security with Seamless Integration
Reviewed on Nov 19, 2025
Review provided by G2
What do you like best about the product?
What I appreciate most about Chainguard is how it simplifies and strengthens software supply chain security. The platform offers transparent visibility into dependencies, vulnerabilities, and build pipelines, all without introducing unnecessary complexity. I also value its seamless integration with our existing workflows, which enables our team to identify potential issues early and maintain confidence in our software releases. The combination of automation and practical insights truly sets it apart.
What do you dislike about the product?
The main challenge I’ve encountered with Chainguard is that the initial setup and configuration process can be somewhat time-consuming, particularly if you’re dealing with complex pipelines or managing several environments. After the setup is complete, everything operates smoothly, but getting all the integrations in place and fine-tuning the system at the start does demand some effort.
What problems is the product solving and how is that benefiting you?
Chainguard addresses the challenges of software supply chain security and dependency management. It enables us to spot vulnerabilities, apply necessary policies, and guarantee that only trusted components are included in our builds. As a result, we experience fewer security risks, quicker identification of potential problems, and greater assurance in the reliability of our software releases. The tool streamlines our workflow by saving time, minimizing manual checks, and providing our team with peace of mind that our pipelines remain secure.