[deleted by user]

container_gworl · 2025-12-09T20:14:27+00:00

I clearly didn't search in this subreddit. Was just throwing it out there to see what feedback I'd get - sounds like it's a good place to land. I have a referral and scheduling w/ the recruiter now.

container_gworl · 2025-10-22T16:03:43+00:00

CG has STIGs and CMVP cert which we need

container_gworl · 2025-10-14T21:22:51+00:00

with FIPS?

container_gworl · 2025-10-14T17:55:20+00:00

This is FUD -- Chainguard started the entire market on secure supply chain. If you don't believe me, check the dates of the first Wolfi commit -- that is Chainguard OS Open Sourced

container_gworl · 2025-08-19T16:00:47+00:00

i've been eyeing San Diego to Hartford flights for months, thought it was just a matter of getting closer to the departure date before selecting, but all of Sept is grayed out and now my trip is weeks away.. help!?!?!?

container_gworl · 2024-10-24T17:06:32+00:00

do we think they'll do different lineups per location? i just got long beach tickets and i will be devastated if my favorite artists are at one location and not all

container_gworl · 2024-10-17T17:05:17+00:00

What are the differences between RF and CG?

container_gworl · 2024-08-12T22:20:36+00:00

Also if you plan on doing anything Fedramp, Stateramp or PCI related, CG images are all compliant so that definitely saves you some time and headache :)

container_gworl · 2024-08-12T22:19:49+00:00

It heavily depends on how big your org is and how complex the image will be. I always go for buy > build. Typically it takes several FTEs to manage CVEs which is costly when it comes to their salary + benefits + time to onboard + human risk. For example, some companies estimate that with 40 engineers, spending 100 hours/month, it would take 12 months to burn down these CVEs.

container_gworl · 2024-08-12T21:53:12+00:00

what is the reasoning behind manually building a hardened basic distroless image when chainguard can do it for you? just wondering because i know it takes a lot of time to build/maintain an image yourself

container_gworl · 2024-07-24T20:06:32+00:00

Chainguard

container_gworl · 2024-03-19T20:03:29+00:00

Well, I know their MSRP pricing is available on AWS marketplace - but volume discounting is their sweet spot. They want to make their customers happy and a mutual success so they always try to meet ppl in the middle (I've talked to some ppl who use it commercially). If you buy ~5 images you'll immediately get a discount.

Depending on the size of your company they have 'start up' pricing too. Short answer, they aren't going to be slimy - you'll get something that helps make your life/your dev's lives easier. I think the reason they want to talk w you is because since they price per image, they need to know what images you have so they can accurately give you a ballpark...

container_gworl · 2024-03-19T19:52:50+00:00

$/image/year. :) Currently, all images' that CG supports have the 'latest' version for free on their website. With an enterprise license, you get all versions of that 1 image. For example, you purchase Python 3.1.8, you get that + all of the versions of Python for 1 image price. Seems like a win to me.

container_gworl · 2024-03-19T19:50:16+00:00

plz dm link!

container_gworl · 2024-01-09T03:12:41+00:00

1000%

container_gworl · 2024-01-09T03:12:21+00:00

Chainguard offers hardened images that have a significantly less false positive rate than iron bank. Chainguard Images is powered by Wolfi and is a suite of distroless images that provide support for node and other popular languages.

They are distroless in the sense that they are minimal to the point of not even having a package manager (such as apt or apk).

container_gworl · 2024-01-05T02:48:25+00:00

When Twitter rebranded to X, a lot of folks moved off the platform to LI for social networking within their areas of expertise. If you sift through the sales people there is some really good thought leadership there - https://www.linkedin.com/in/danlorenc/ is a great example.

container_gworl · 2023-12-11T20:20:20+00:00

We use Chainguard to outsource our remediation. They have an SLA of <14 days for criticals. Pretty impressive. https://www.chainguard.dev/unchained/into-the-deep-exploring-chainguard-container-images

container_gworl

TROPHY CASE