If your organization depends heavily on open-source software (like most of us do), the security of those components has become a real front-line concern. That’s why I think it’s worth paying close attention to what’s happening at Chainguard.

The company just raised a massive $356 million in Series D funding, led by Kleiner Perkins and IVP, with new backers like Salesforce Ventures and Datadog Ventures joining the round. This brings Chainguard’s total funding to about $612 million, pushing its valuation to $3.5 billion.

Chainguard was founded by former Google engineers with one clear mission: to make open-source components secure by default. Instead of bolting on security after the fact, they’re baking it into the core of the software supply chain.

Here’s what they’re doing:

• Pre-secured Linux container images designed to plug directly into Kubernetes environments.
• An automated “software factory” that patches and signs more than 13,000 upstream open-source packages to maintain over 1,400 hardened container images.
• New products like Chainguard VMs and Chainguard Libraries aimed at extending hardened security up and down the stack.

And this isn’t just theoretical — the company’s revenue jumped from $5 million to $40 million in the past year, and they now have more than 100 enterprise customers. Some names you’ll recognize: ANZ Bank, Canva, GitLab, HPE, Snap Inc., and Wiz.

Chainguard isn’t slowing down. With this funding, they plan to:

• Expand engineering and sales teams to keep pace with demand.
• Support more open-source projects through their hardened build pipeline.
• Strengthen enterprise offerings to help companies deal with supply chain vulnerabilities without constant patching headaches.

Their CEO, Dan Lorenc, put it bluntly: “We can’t be the safe source for open source without securing all open source.” Given the steady drumbeat of supply chain incidents — from xz-utils backdoors to malicious GitHub Action updates — it’s a bold but necessary vision.