
Explore Chainguard CVE Visualizations: Now in Beta

Angela Zhang, Product Manager, and Aaditya Jain, Product Marketing Manager

We’re excited to announce the Beta release of Chainguard’s CVE Visualizations capability in our console. CVE Visualizations enables business leaders to quickly understand and communicate the value that Chainguard’s minimal, zero-CVE Guarded Container Images provide over time. Users can now directly compare Chainguard Images with alternatives (e.g., Docker Official Images for Python 3.9, NGINX 1.27, etc.) across metrics like:


  1. Historical total CVEs over time

  2. Historical CVEs, split by severity level, over time

  3. Image size


Ultimately, we see CVE Visualizations becoming a single source of truth to bring transparency to image health and continuously articulate the engineering, security, and economic benefits of adopting Chainguard Images to all stakeholders.



In the rest of this blog, we’ll take you deeper behind the scenes as to why we built this feature and all the capabilities that it has to offer.


The Problem with the Status Quo 💔


Chainguard enables customers to unlock developer productivity, reduce risk, and simplify and accelerate compliance. We deliver on these value pillars by drastically reducing the time, energy, and resources required to triage, patch, and remediate CVEs. In the past we’ve shared that Chainguard has remediated over 54,000 CVEs, saving customers like Anduril, Canva, Cyera, Dexcom, Snowflake, and Wiz over 216,000 engineering hours. Our champions and users feel the benefits of adopting minimal, zero-CVE Guarded Container Images every day.


A tweet from Shaun McDonnell that reads, "Guys. Chainguard is worth every penny. I got to go on a date with my wife last night because I didn't have to remove CVEs from my container images."

But for those same champions and users, convincing – and by that we mean showing – everyone else in their organization the value that Chainguard delivers was challenging, up until this point. While it's trivial to run a Trivy or Grype scan for CVEs at a moment in time, getting continuous historical data on the number of CVEs in images or the number of CVEs remediated over time is not easy. That meant customers faced significant friction when trying to answer questions like:


  • How many CVEs does the Chainguard Python 3.9 image have vs. the alternative image I’m currently using or migrating from? What has the trend been over the last month?

  • How many of those CVEs were rated as critical or high severity?

  • How does image size compare between the Chainguard Image and the alternative image?

  • Why should my engineering team bother to switch to Chainguard Images? How much better off would we be using Chainguard Images, and where can I get the data to back that up?

  • How much time and money is Chainguard saving our engineering organization by taking on the burden of CVE remediation? 


These questions matter to our customers. That means they matter to us. And so we set out to solve this problem with an intuitive reporting tool, CVE Visualizations.


Chainguard’s Solution: CVE Visualizations 📈


CVE Visualizations is a single source of truth that brings transparency to image health and continuously articulates the engineering, security, and economic benefits of adopting Chainguard Images to all stakeholders. The feature consists of a set of simple, easy-to-consume, shareable dashboards that can be used to:


  • Demonstrate the ROI and economic value of adopting Chainguard Images to broader company leadership

  • Share CVE accumulation data with Boards of Directors, auditing firms, and compliance regulators 

  • Evaluate the benefits of adopting additional Chainguard Images not currently deployed within their organizations

  • Convince engineering teams to migrate to a new foundation for building and deploying software 


Key capabilities for CVE Visualizations include:


  • A comparison of historical CVE counts for Chainguard Images vs. multiple alternatives, with segmentation by CVE severity

  • Comparison capabilities across tagged versions (e.g., visualizing CVEs across every version of Python 3.8-3.13)

  • A comparison of image sizes for Chainguard Images vs. alternatives

  • Raw historical CVE data in an exportable JSON format for easy distribution across an organization


To get started with this feature, all you need to do is log into the Chainguard Console and navigate to the Reports section. You can check out the documentation for more details.


Looking Forward to GA 👀


Looking ahead to our GA launch in early 2025, we’re planning to incorporate the comparison data into the public directory for anyone to view. We’re also planning to surface additional metrics such as the number of CVEs Chainguard has remediated over time across your entitled images, and a comparison of CVEs accumulated over time between Chainguard Images and alternative images. We are continually taking in feedback from early users to decide what enhancements to add, so we encourage you to try out CVE Visualizations today and let us know what you think!


If you are interested in learning more about CVE Visualizations, or want to take the new feature for a test drive yourself, please reach out.
