Secure software supply chain solution provider Chainguard Inc. today announced Chainguard VMs, a new product line offering minimal virtual machine images built entirely from source and using no Common Vulnerabilities and Exposures.

The virtual machine offering has been purpose-built for modern, ephemeral workloads in the cloud and differs from legacy, general-purpose VMs through the use of guarded container host images, which offer a cloud-agnostic, threat-resistant environment for deploying and running containers. Chainguard VMs have been designed from the get-go to help enterprises reduce costly engineering toil associated with container host maintenance and establish a secure foundation for faster development.

“Our customers need solutions that reduce vulnerabilities at every layer of their modern software deployment stack,” said co-founder and Chief Executive Dan Lorenc. “Today, we’re bringing Chainguard’s expertise in building minimal, zero-CVE containers to the VMs they run on. No other company is delivering a minimal, continuously updated and threat-resistant software supply chain with end-to-end integrity.”

Chainguard VMs assist enterprises in migrating to cloud-native architectures where containerized applications have become the standard for modern software deployment. To run containerized applications well, Chainguard argues, enterprises require a container host — a purpose-specific virtual machine that provides the necessary runtime environment for container execution.

The VMs help engineering teams reduce overhead by eliminating the need for constant CVE triage and remediation, allowing them to focus on more strategic tasks. For compliance teams, the zero-CVE design streamlines adherence to frameworks like FedRAMP by removing vulnerabilities at the VM level.

Security teams also benefit from a reduced attack surface and a consistent, secure open-source foundation with end-to-end integrity. Chainguard also ensures continuous upgrades by rebuilding images from the source to deliver the latest patches and features without disruptive migrations.

Chainguard VMs extends Chainguard’s existing product portfolio — alongside Chainguard Containers and Chainguard Libraries — and, in the company’s words, “reinforces its commitment to delivering a secure and efficient software deployment stack.”

Container host images in Chainguard are purpose-built for each major cloud service provider, including versions for managed container services like EKS or for self-managed container deployments on Amazon EC2, Google Compute Engine and Microsoft Azure.

Chainguard VMs are now available to Chainguard customers in early access.

Image: SiliconANGLE/Reve