Chainguard Inc., a startup that helps developers ensure the open-source code they use is secure, has raised $356 million in fresh funding.

The Series D round comes less than a year after the company’s previous nine-figure raise. Chainguard detailed in its announcement of the deal today that Kleiner Perkins and IVP were the lead investors. They were joined by Salesforce Ventures, Datadog Ventures and all of the company’s existing backers.

Many enterprise applications incorporate open-source components. If such a component includes a vulnerability, it can make the application in which it’s used susceptible to hacking. Chainguard promises to reduce the risk of breaches by providing hardened versions of popular open-source technologies.

To make an open-source tool more secure, the company creates a so-called software bill of materials that describes what components it includes. This makes it easier to identify components that may pose cybersecurity risks. For added measure, Chainguard’s engineers remove unnecessary code that could potentially be used in cyberattacks.

After releasing a custom version of an open-source tool, the company updates it daily with enhancements from the upstream project. That gives users quick access to fixes for newly discovered vulnerabilities.

Chainguard’s flagship offering, Chainguard Containers, is a catalog of more than 1,200 hardened open-source components packaged into containers. That’s up from about 700 components at the time of the company’s previous funding round last year. In March, it introduced two additional offerings: Chainguard VMs and Chainguard Containers.

Companies often run containers inside a virtual machine. The virtual machine is equipped with an operating system, as well as a so-called runtime that enables workloads to interact with the operating system. Chainguard VMs is a collection of hardened virtual machines optimized to power container environments.

Operating systems include many components that aren’t necessary for containerized workloads. Chainguard VMs do away with those components, which reduces complexity and thereby eases tasks such as applying cyber cybersecurity patches.

Chainguard Libraries, the company’s other new offering, provides hardened versions of popular Java libraries. Libraries are prepackaged code bundles that developers can incorporate into an application to avoid writing everything from scratch. 

On occasion of today’s funding milestone, Chainguard disclosed that its flagship Chainguard Containers offering has more than 150 customers. The annualized recurring revenue the company generates from those customers topped $40 million during its 2025 fiscal year. Chainguard expects that number to reach $100 million before the end of fiscal 2026.

The company will use the new capital to accelerate its go-to-market efforts and build new features. 

Image: Unsplash