Chainguard Expands Executive Bench as Demand for Trusted Open Source Accelerates

Chainguard is tightening its grip on the open-source software supply chain with two heavyweight hires aimed at scaling growth and accelerating innovation. The company has appointed Parm Uppal as Chief Revenue Officer (CRO) and Patrick Donahue as Senior Vice President (SVP) of Product — moves that signal Chainguard’s ambition to dominate the emerging market for secure, verified open-source components.

CEO and Co-founder Dan Lorenc described the hires as pivotal for Chainguard’s next phase of expansion. “Parm will help us deepen our relationships with customers and partners across industries and geographies, and Patrick will accelerate the innovation that allows engineers to build faster and with more confidence,” Lorenc said. “They’re both exceptional leaders who will help guide Chainguard through this next chapter of growth.”

From Silicon Valley Scale to Open-Source Trust

As CRO, Uppal brings a proven record of scaling revenue engines for hypergrowth startups and enterprise software powerhouses. His résumé includes leadership roles at AppDynamics — where he helped drive its $3.7 billion acquisition by Cisco — as well as DataRobot, Benchling, and Luminary Cloud.

Now, he’s betting on the convergence of three transformative forces: cloud computing, microservices, and AI-driven code generation. “Each of these trends is transforming how software is built, and together they create both incredible opportunity and new security risks,” Uppal said. “That’s exactly why Chainguard’s mission is so timely: we provide the trusted open source software organizations need to build securely in this new era.”

Uppal’s mandate is to expand Chainguard’s enterprise footprint, grow international markets, and strengthen partnerships with global systems integrators and channel providers — a move that could cement Chainguard’s role as the de facto trusted source for production-ready open source.

Building Developer-First Security at Scale

On the product side, Patrick Donahue steps in to lead Chainguard’s expanding product portfolio — which now spans Containers, Libraries, and Virtual Machines — after nearly a decade shaping security products at Cloudflare. Donahue’s background in application security, infrastructure resilience, and developer experience reflects Chainguard’s broader strategy: make security frictionless.

“The demand for trusted open source has never been higher,” Donahue said. “At Chainguard, we’re designing tools that work with developers, not against them—stopping attacks before they ever become a headline risk.”

Donahue’s team is expected to accelerate the company’s product roadmap, including Chainguard Libraries for Python and JavaScript — both designed to prevent dependency-chain exploits and malware injection — and its zero-CVE base images for cloud and on-prem deployments.

Promotions and Momentum

Chainguard also elevated two long-time leaders: Liz Egan to Chief Marketing Officer and Dustin Kirkland to SVP of Engineering. The company says both have been instrumental in building Chainguard’s brand and scaling its engineering organization amid surging demand for secure software supply chains.

That demand shows no signs of slowing. Chainguard’s container catalog continues to grow by roughly 100 new images per month, and its hardened libraries are already being used by Fortune 500 companies and hyperscalers — including Anduril, Canva, Fortinet, Hewlett Packard Enterprise, Snap, and Snowflake.

The Next Frontier for Secure Open Source

Chainguard’s expansion underscores how security has become inseparable from software velocity. As organizations accelerate development with AI and containerization, Chainguard’s promise of verifiable trust — “secure by default” open-source components — is positioning it as a cornerstone of modern DevSecOps.

The company will showcase its growing suite at KubeCon North America in Atlanta (November 10–13, booth #810), where its message will likely resonate with developers seeking an antidote to open-source risk fatigue.

In an industry defined by speed and uncertainty, Chainguard’s latest moves make one thing clear: the race to secure open source isn’t slowing down — it’s professionalizing.