https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/tags/video/Recent content in video onHugo -- gohugo.ioen-USTue, 23 Dec 2025 09:30:00 +0100https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/what-is-factory/Sat, 02 Aug 2025 16:00:00 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/what-is-factory/Transcript Interviewer: So Dustin, can you explain what the Chainguard Factory is? Dustin Kirkland: Yeah, so the Chainguard Factory is the automation that’s at the heart of what we do here at Chainguard. Essentially, we have this build system that’s constantly monitoring over 10,000 open source projects, and the moment that any upstream maintainer tags a new release, our automation springs into action—fetching that source code, checking the checksums, applying our build rules, rebuilding and recompiling that software, retesting that software at the package and unit level.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/troubleshooting/debugging_distroless/Fri, 26 Jan 2024 01:21:01 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/troubleshooting/debugging_distroless/Tools used in this video Docker Desktop (Note a paid subscription is required.) Transcript Hey folks, I wanted to record a short video explaining how you can debug container images, even distroless ones. One of the problems with distroless images is that they can be difficult to debug. Now if you’re using Kubernetes, please try out ephemeral containers, but in this video I want to talk about something else.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/what-factory-builds/Sat, 02 Aug 2025 16:00:00 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/what-factory-builds/Transcript Interviewer: So Dustin, what does the Factory actually build every day? Dustin Kirkland: Yeah, so the input is open source software that’s coming in from thousands of upstream maintainers who are very much the experts in what they do. That goes into our Factory. We apply our build automation system and, importantly, our quality control and testing system. Out of that comes a series of artifacts. We produce APKs, which is our package format.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/touring-the-factory/Sat, 02 Aug 2025 16:00:00 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/touring-the-factory/Transcript Interviewer: So Dustin, can you give us a quick tour of the Chainguard Factory? Dustin Kirkland: Yeah, so the Chainguard Factory is the automation that we have inside of Chainguard itself that is able to reproducibly build thousands of open-source projects. We start from a fully bootstrapped-from-source version of the source code. We pull the source code down, we apply our build rules, build that code, test that code, sign that code, and publish that code—first as packages.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/about/zerocve/Fri, 31 May 2024 12:21:01 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/about/zerocve/Tools and resources used in this video Grype Wolfi Security Advisories Note: In November 2024, after this article was first written, Chainguard made changes to its free tier of container images. In order to access the non-free container images used in this guide, you will need to be part of an organization that has access to them. For a full list of container images that will remain in Chainguard's free tier, please refer to this support page.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/about/can-anybody-build-containers/Sat, 02 Aug 2025 16:00:00 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/about/can-anybody-build-containers/Transcript Interviewer: But everything is open source—can anybody build the images themselves? Dustin Kirkland: Anyone certainly can. It does take quite a bit of expertise to get that to build the first time, and we’ve structured an entire engineering organization around building things the first time. When we get new requests from either internal Chainguard or our existing customers or our new prospects, it goes through a process by which we analyze that source code.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/about/beyond_zero_pytorch_2024/Sat, 07 Sep 2024 01:21:01 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/chainguard-images/about/beyond_zero_pytorch_2024/Recording of Beyond Zero: Eliminating Vulnerabilities in PyTorch Container Images presented by Dan Fernandez, Srishti Hegde, and Patrick Smyth at PyTorch 2024 Session Description Container images are increasingly the future of production applications at scale, providing reproducibility, robustness, and transparency. As PyTorch images get deployed to production, however, security becomes a major concern. PyTorch has a large attack surface, and building secure PyTorch images can be a challenge. Currently, the official PyTorch runtime container image has 1 CVE (known vulnerabilities) rated critical and 5 CVEs rated high.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/future-of-factory/Sat, 02 Aug 2025 16:00:00 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/factory/future-of-factory/Transcript Interviewer: So what do you see as the future for the Factory? Dustin Kirkland: Well, I’m not going to get into the super secret plans we have for next generation products, but I will tell you that we are constantly expanding the scope of the open source projects that we’re building. So more and more packages—each of those show up as new packages that we’re now able to add to our existing images or build new images around.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/libraries/how-libraries-plug-into-workflow/Sat, 02 Aug 2025 16:00:00 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/libraries/how-libraries-plug-into-workflow/Transcript Interviewer: So Dustin, how does Libraries actually plug into a developer workflow? Dustin Kirkland: Yeah, so I used the word “hydrate” earlier. We hydrate typically a JFrog Artifactory or a Cloudsmith—we hydrate that registry of artifacts with Chainguard securely built artifacts. And we produce this constant flow of tens of thousands of those library version tuples into that environment. And our customers can come to us and get a license for our entire Java ecosystem or our entire Python ecosystem.https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/libraries/how-libraries-help-developers/Sat, 02 Aug 2025 16:00:00 +0000https://deploy-preview-3155--ornate-narwhal-088216.netlify.app/chainguard/libraries/how-libraries-help-developers/Transcript Interviewer: So how does Chainguard Libraries help developers? Dustin Kirkland: Yeah, so building off of that Chainguard Factory, we’ve actually repurposed all of that automation to not just build packages and containers, but actually fetch libraries directly from their upstream source and recompile those Java binaries—JARs—and those Python binaries—wheels—in a new format, or in the same format rather, but totally bootstrapped from source. The fact that we can rebuild those libraries means that we can actually patch them if necessary.