Chainguard Images - GovCloud logo

    Chainguard Images - GovCloud

    Sold by
    Chainguard Images are a collection of minimal, hardened container images that are patched and rebuilt daily, and come with low-to-zero known CVEs, SLSA 2 compliance, signatures, and SBOMs.

    Ratings and reviews

    4.7
    66 ratings
    2 star
    1 star
    86%
    12%
    2%
    0%
    0%
    0 AWS reviews
    |
    66 external reviews
    External reviews are from G2 .

    Filters

    Review type

    AWS Marketplace reviews
    External reviews
    Reviews (66)
    Computer Software

    Lean, mostly CVE-free base images with wide flexibility and FIPS compliance

    Reviewed on Jun 29, 2026
    Review provided by G2
    What do you like best about the product?
    Their base image support is notable: the images are lean and mostly free from CVEs. They also provide a high range of possibilities and FIPS compliance.
    What do you dislike about the product?
    Their UI for reviewing CVE patches feels overwhelming and makes it difficult to locate results for specific packages. The CLI's login flow also lacks clear documentation. Finally, they now rely more on upstream patches for CVE fixes than they did previously, which may be a consequence of the wider range of technologies they support.
    What problems is the product solving and how is that benefiting you?
    As many of our customers scan our products for CVEs and we have a docker based product it is essential that we have near zero CVEs in our base images, which provides a significant ROI even though the somewhat high licensing price.
    Nathan P.

    CVE Management and Remediation: A return to sanity

    Reviewed on Jun 26, 2026
    Review provided by G2
    What do you like best about the product?
    At first, I assumed it would be more like, “oh, they’ll make my life easier with CVEs.” But after using the service, I’ve found the real strength is the ability to build custom images that include the packages and libraries you actually need. In a lot of architectures you end up with plenty of one-off images, and with Chainguard you can replace those with their CVE-hardened versions.
    What do you dislike about the product?
    This isn’t a complaint, and I know it’s already on their roadmap, but I’d really like to see STIG and FIPS VMs offered in addition to their container images. That would help a lot with on-prem infrastructure, especially if I could swap out all the OSs on my bare-metal servers and OpenStack VMs.
    What problems is the product solving and how is that benefiting you?
    Time.

    The open source images, as well as the base images we use for our own applications, create a large attack surface. We can remediate issues ourselves by swapping libraries, patching images, or forking upstream, but it turns into a never-ending game of whack-a-mole. Chainguard changes that by letting me continuously update and address CVEs across all of our images, in seconds rather than hours.

    Also the price point for their product catalog is more than worth it if you consider the worth of several engineers consistently focusing (and repeating) on CVE tasks.
    Stacey Z.

    Trusted Partner for Secure Container Infrastructure

    Reviewed on Jun 26, 2026
    Review provided by G2
    What do you like best about the product?
    Chainguard's security-first approach, combined with the expertise of their engineering team, has been the most valuable aspect of our partnership. Their minimal, hardened container images and FIPS-compliant libraries have helped simplify our FedRAMP readiness efforts while reducing software supply chain risk. We also appreciate their responsiveness, technical knowledge, and willingness to work collaboratively to resolve implementation challenges and support our engineering teams.
    What do you dislike about the product?
    We have no significant concerns at this time and have been pleased with our overall experience working with Chainguard.
    What problems is the product solving and how is that benefiting you?
    Chainguard is helping us strengthen our software supply chain security while accelerating our FedRAMP readiness. Their hardened container images and FIPS-compliant cryptographic libraries reduce the effort required to build and maintain secure container images, simplify compliance with federal security requirements, and help minimize vulnerabilities in our software stack. This allows our engineering teams to focus on delivering product capabilities while improving the security and integrity of our containerized workloads.
    Aviation & Aerospace

    Secure, Hardened Chainguard Images That Save DevSecOps Time

    Reviewed on Jun 25, 2026
    Review provided by G2
    What do you like best about the product?
    As a DevSecOps engineer, the best part of Chainguard is being able to get secure, hardened container images off the shelf. Before Chainguard, I had to maintain my own images and write custom scripts to remove certain binaries, or build my own images from scratch to reduce vulnerabilities. That created a lot of toil, especially when it came to keeping everything up to date. Now I can start from images that are already designed with security in mind, which cuts down on vulnerability noise and saves me time. I don’t use the UI much, so for me the main value is the core functionality: reliable, low-vulnerability images that make secure container workflows much easier to maintain.
    What do you dislike about the product?
    Some images that are directly derived from other sources, like Bitnami, end up with entrypoints that differ from the originals. On top of that, some Helm charts don’t provide a way to customize the container’s ENTRYPOINT or CMD. In certain cases, this leaves me having to maintain my own image (using Chainguard’s image as a base) solely to adjust the ENTRYPOINT.
    What problems is the product solving and how is that benefiting you?
    This is kind of obvious question - it helps me maintain secure environment. It is also extremely helpful in case of certifications like SOC2 or deployments to restricted environments.
    Computer Software

    Valuable Security Patch Management for a Small Team

    Reviewed on Jun 23, 2026
    Review provided by G2
    What do you like best about the product?
    Having someone else manage security patches is quite valuable to my small team.
    What do you dislike about the product?
    Sometimes unclear how vulnerabilities are triaged or resolved in a timely fashion. Some of the underlying compatibility shims play havok with our security scanners.
    What problems is the product solving and how is that benefiting you?
    Keeping our containers free from vulnerabilities lets us present a strong security posture to auditors and customers.
    Airlines/Aviation

    Fast CVE Remediation and a Clean CLI—Occasional Auth0 Login Hiccups

    Reviewed on Jun 18, 2026
    Review provided by G2
    What do you like best about the product?
    The fast CVE remediation requires a minimal images.
    The well-thought-out authentication flow for CLI and a simple, but complete interface.
    What do you dislike about the product?
    The login flow is generally fine, but from time to time I get a “something went wrong” message on the Auth0 page. It doesn’t happen often, and it’s not a big deal.
    What problems is the product solving and how is that benefiting you?
    They allow us to lower our CVE count, which is the main advantage of using Chainguard images.
    Before, while using public Docker images, we couldn't hit 0 CVE; it was impossible. Chainguard made it possible
    Adil C.

    Exceptional product, team that genuinely partners with you

    Reviewed on Jun 17, 2026
    Review provided by G2
    What do you like best about the product?
    Reducing CVEs is obviously important, but even more so are the people who work there and the support they provide. They genuinely care about helping their clients get the most out of their products and services.
    What do you dislike about the product?
    Honestly, I cant think of anything that I dislike about them.
    What problems is the product solving and how is that benefiting you?
    Chainguard provides hardened container images that dramatically reduce our CVE exposure. It cuts down the vulnerability noise our team has to triage, letting us focus on shipping product instead of chasing base image issues.
    Information Technology and Services

    Huge CVE Reduction with Chainguard Images, Plus Excellent UI and Documentation

    Reviewed on Jun 15, 2026
    Review provided by G2
    What do you like best about the product?
    The CVE reduction we’ve seen with Chainguard images has been a huge lift for us. The UI offers robust functionality, and it’s well supported by Chainguard’s tooling and integration points. The documentation is excellent, and the team has been amazing—especially Eric and Gem.
    What do you dislike about the product?
    Generally don't have anything to share around dislikes.
    What problems is the product solving and how is that benefiting you?
    Improved supply chain security posture, minimized images, etc.
    Hospital & Health Care

    Well-Engineered, Fast-Updated Secure Container Images with Outstanding Support

    Reviewed on Jun 15, 2026
    Review provided by G2
    What do you like best about the product?
    Chainguard container images are very well engineered, well managed, and well supported. The company stays focused on providing meaningful, effective security, and that focus shows in the overall experience.

    The images are updated promptly as vulnerabilities are resolved by product owners and communities. For example, I was tracking a particularly high-impact npm vulnerability, and our node/npm images were updated within four hours of the release of the new (remediated) npm version.

    Wolfi, as a container-focused Linux distribution, is well planned and well implemented. I especially appreciate the glibc compatibility (in contrast to Alpine).

    Chainguard has also done a great job developing tools and information that can be used in automated processes, rather than only being available via a web page.

    Overall, I’ve appreciated the depth of knowledge on the technical team. I’ve learned a huge amount and added a significant number of security tools based on my conversations with our technical support team. The product support lead for our company has done an amazing job providing everything possible for us to be successful.
    What do you dislike about the product?
    The most difficult issue I’ve encountered when using the Chainguard container images is the complexity of the web pages for the container products.

    My company has a specific need to use only the latest updated version within each supported product major version. Because of that, it was hard to explain to other users which label they should use. For example, I need teams to refer to images by product and major version, e.g., node:24-latest. However, the same image might also be referenced as “node:latest” or “node:24.9,” which created confusion. I ended up developing an internal dashboard to make it clearer which images to use to meet our compliance requirements.

    Note: I understand that many other companies might prefer node:latest or a pinned version, so Chainguard needs to provide all the labels to give customers flexibility and choice. In our case, though, that flexibility made it harder for some of our teams to consistently select the correct option for our needs.
    What problems is the product solving and how is that benefiting you?
    Chainguard provided us with a solution for building containers configured to minimize the attack surface and kept up to date as security patches are released.

    Across our teams, we’ve used images based on a range of distributions, including Ubuntu, Debian, Alpine, and others. Chainguard’s Wolfi OS has been more compatible with glibc-based components, and it’s updated much more frequently than the other container options we’ve used. Chainguard’s container images are the gold standard for deploying and maintaining security-focused containers.
    Computer Software

    Faster way to lower the CVE count with some caveats

    Reviewed on Jun 15, 2026
    Review provided by G2
    What do you like best about the product?
    the idea of not having to think about vulnerabilities
    and their team support
    What do you dislike about the product?
    UI is slighly clunky, the CLI could be improved
    What problems is the product solving and how is that benefiting you?
    Keeping the CVE count low really helps us, because it lets us move faster and avoid having to maintain the base images ourselves.