Chainguard Launches Global Partner Program to Make Secure Open Source Mainstream

As open source software now powers more than 90% of modern applications, organizations are grappling with an urgent question: how to scale innovation without compromising security. Chainguard, the company behind secure software foundations, unveiled its global Partner Program today, aiming to help resellers and distributors deliver verified open source artifacts to enterprises worldwide.

The program, structured in two tiers with escalating benefits, offers flexible incentives, technical enablement, and go-to-market support. Its launch comes amid a surge in high-profile software supply chain attacks, from SolarWinds to Log4Shell, which have exposed gaps in how companies manage open source dependencies. For organizations navigating regulatory frameworks such as FedRAMP, PCI, NIST SSDF, DORA, CRA, and HIPAA, scalable, proactive supply chain security is no longer optional—it’s mandatory.

“We're at a tipping point in software security. The growing reliance on open source, coupled with the rise in sophisticated supply chain attacks, has made it clear that reactive security models are no longer enough,” said Ryan Carlson, President, Chainguard.

“Organizations need to build fast, but they also need to do so securely – and that starts with trusted open source. With partners across the channel ecosystem, we're making it easier for the world's most innovative companies to build, deploy, and innovate on a foundation that's secure from the start.”

The Chainguard Partner Program is designed to give channel partners a competitive edge. Participants gain access to partner-exclusive training, onboarding resources, deal registration, lead creation tools, and co-branded marketing initiatives. Partners can also influence product development through the Partner & Technical Advisory Council, aligning closely with cloud providers like AWS, Google Cloud, and Microsoft Azure to deliver integrated solutions.

Early adopters of the program are already seeing its value. Bytes, a global cybersecurity reseller, cited Chainguard’s developer-first approach as a differentiator. “From our first interaction with Chainguard, it was evident they embodied this mindset, delivering a forward-thinking, developer-first approach to securing the software supply chain,” said Luke Kiernan, Head of Cyber Security, Bytes.

Defy, a security solutions provider, highlighted the program’s ability to secure supply chains without slowing development. “Their secure-by-default approach is exactly what our customers need to build with confidence and speed,” said Rich Douros, Chief Revenue Officer, Defy.

DevOps1 emphasized the partnership’s alignment with modern DevSecOps practices. “Partnering with Chainguard, the market-leading solution for software supply chain security, enables us to embed robust, verifiable security ensuring a ‘Start Left’ posture in the development lifecycle,” said Alex Rea, CEO, DevOps1.

And EVOTEK, an enterprise IT integrator, framed the program as a way to accelerate secure development. “All organizations want to accelerate their software development, but they can't do that without having a way to secure the applications they're building,” said Jason Myers, Chief Revenue Officer, EVOTEK.

At the heart of Chainguard’s approach is Chainguard Containers, a catalog of over 1,500 zero-CVE container images rebuilt from source in hardened environments. Backed by Chainguard OS, these containers offer signed SBOMs, FIPS-compliant cryptography, and daily vulnerability updates, providing enterprises with a secure, verifiable foundation to build on.

By combining verified OSS artifacts, channel partner enablement, and robust cloud integration, Chainguard is setting a new bar for supply chain security—transforming open source from a vulnerability vector into a reliable engine for innovation.