
Welcome, Chainguard!
Zero vulnerability building blocks for enterprises.
- CEO: Dan Lorenc
- Sector: Cybersecurity
- Location: Kirkland, WA
The Opportunity
Developers and security teams are stuck in a constant cycle of finding and fixing vulnerabilities. Most modern enterprises rely on dozens of tools that generate thousands of vulnerability alerts — leaving security teams to manually sift through the noise to identify and fix the few that truly matter. These alerts typically originate from the third-party and open source components that organizations rely on (an estimated 90% of codebases today are comprised of open source software).
To escape this painful cycle, enterprises need ‘secure by default’ software artifacts — zero-vulnerability building blocks that let developers ship securely from day one, saving time and reducing downstream risk. These ‘secure by default’ (hardened) artifacts are now required for use by many organizations hoping to achieve the authorization necessary to sell into federal government and regulated industries (FedRAMP, DoD, and FIPS, among others). This is a paradigm shift in how enterprises approach application security, with an opportunity to create a category-defining company.
The Solution
Chainguard is reshaping how software is built — making ‘secure by default’ the standard to boost both engineering and security team effectiveness.
Their efforts started with container images, the foundation of modern container-based development. To date, Chainguard has built and scaled a unique library of over 1,300 zero-vulnerability container images that span common servers, databases, languages, and frameworks. These images are used in lieu of standard open source images, significantly reducing the attack surface area and need for vulnerability remediation.
Chainguard’s image library is the bedrock of application security for some of the largest Fortune 500 companies globally. Their image library continues to grow every day to match the needs of customers, such as the recent addition of CUDA (NVIDIA) images to support AI/ML development efforts. Dozens of enterprise customers, including Snowflake, HPE, Anduril, and Wiz, rely on Chainguard’s container images to enable their compliance with federal government authorizations. Chainguard is transforming software engineering, application security, and compliance for its customers — eliminating hundreds of hours of development work while significantly strengthening the security of mission-critical applications.
Container images are just the first inning for Chainguard. The team is building secure by default open source language libraries (starting with commonly used Java libraries) and virtual machine images from the ground up. For customers leveraging these offerings, Chainguard aims to be their primary source of third-party software artifacts, each coming with Chainguard’s secure-by-default stamp of approval.
Why We’re Backing Chainguard
We’re investing in Chainguard because we believe they’re poised to become the default security foundation for software applications globally. While many companies can make iterative improvements to existing tools, Chainguard is fundamentally changing how modern enterprises build software and manage their security posture.
It took a stellar, incredibly technical team to scale Chainguard to where it is today. Co-founders Dan Lorenc, Matt Moore, Kim Lewandowski, and Ville Aikas worked at Google for years and were foundational contributors to Google Cloud, Kubernetes, and critical open source security projects including Sigstore. From our very first meeting, we knew this team had the unique ability to change the paradigm within cybersecurity and scale a generational company.
Building container images with zero vulnerabilities sounds simple, but it’s a complex, wide-ranging challenge — one that’s as much about scale as it is about technical execution. Chainguard has forged a robust engine to securely create the initial image/package and effectively maintain the quality of the 1,300+ images continuously. Scaling Chainguard’s container image library while upholding best-in-class SLAs is no easy task — yet the team has consistently outperformed traditional scaling laws. At the heart of this success is a growing layer of automation within the Chainguard factory, which is the very foundation of its value proposition.
This value proposition has resonated so strongly with customers that Chainguard’s growth profile has exceeded some of the fastest-growing software companies we’ve seen — evidenced by the widespread adoption of Chainguard across the Salesforce Ventures portfolio and broader Salesforce ecosystem.
What’s Ahead?
We’re looking forward to the next phase of growth as Chainguard brings its full suite of products – secure-by-default container images, open source language libraries, and virtual machine images – to customers globally. Chainguard is poised to be a critical enabler of cloud software adoption in the federal government and other regulated industries — a transformation that’s still in its early stages. In the coming years, we believe Chainguard’s repository will be the first stop for any security-minded software developer.
Having spent time with the Chainguard team over the past two years in San Francisco, New York, London, and beyond, we’re thrilled to formalize our partnership with this incredible team and invest in the $356M Series D alongside our friends at IVP, Kleiner Perkins, and other steadfast partners. We’re also glad to partner again with go-to-market leaders Ryan Carlson, Rob Finn, and others we’ve been fortunate to work with in the past to help lead this category-defining journey.
Welcome to the Salesforce Ventures family, Chainguard!