Amplify News
Our Investment in Chainguard

By Lenny Pruss, Mike Dauber, and Renee Shah

It started with a text exchange over six months ago. A team of current and former Googlers were forming “the Justice League of Security,” it read. That text catalyzed a series of meetings, strategy sessions, and dinners culminating in today’s announcement that Amplify is leading Chainguard’s $5.0 million Seed financing.

But who comprises this mythical “Justice League?” Monikers aside – though they do facetiously refer to themselves as “The Guardians” – Chainguard’s founding team is one of the most prolific we’ve partnered with. If you’ve spent any time in the cloud native ecosystem, odds are you’ve touched multiple pieces of software authored by Dan Lorenc, Kim Lewandowski, Ville Aikas, Scott Nichols, and Matt Moore; GCS,, Minikube, Distroless, Skaffold, Knative, Tekton, Kaniko, ko, and most recently Sigstore and SLSA just to name a few. Rarely do teams possess the depth and breadth of distributed systems and security know-how while maintaining an innate feel for developer experience and abiding respect for the power of open source. Together, this group of exceptional technologists is setting out to address an existential threat facing our global digital economy: software supply chain integrity.

They say luck favors the prepared mind, and years before that fateful text connecting us to Dan, Kim, Ville, Scott, and Matt, we at Amplify embarked on a mission to understand what ailed the software supply chain. We knew there was a ticking time bomb in the industry thanks in large part to our friend Maya Kaczorowski who had been sounding the alarm to us for years. Sure enough, that bomb went off in December 2020 when the SolarWinds attack was first reported.

For the uninitiated, SolarWinds is a $3B+ public company that develops a range of IT monitoring and management software. In December 2020, the company revealed that one of its products, the Orion network monitoring tool, was compromised, which meant over 18,000 customers – a list including dozens of government agencies and Fortune 500 companies – running the most recent version of Orion software had been breached.

The culprit, ultimately, was an unprotected Jenkins build server.

By attacking the build system, the attackers established a foothold in SolarWinds’s software publishing infrastructure. Once in the build system, the attackers had full access to modify software updates provided by SolarWinds to users of Orion. The attack persisted undetected for months, and has widely become known as one of the largest and most sophisticated attacks in history.

Supply chain attacks are so pernicious for two inherent reasons:

  1. The blast radius is massive as attacks are no longer confined to a single compromised organization but extend to every subsequent user of the compromised piece of software.
  2. Organizations have few credible defenses to thwart them; while tens of billions of dollars are spent annually to lock down production environments, limited resources are spent securing the tools and processes by which code gets into production.

This problem is magnified as the digital surface area of every company has grown exponentially over the last decade.

The calculus for bad actors, then, is simple: why spend months on a sophisticated spear phishing campaign when I can pop the CI infrastructure of an ISV, inject malicious code as part of the build process, and then have unfettered access to ALL of their users’ data?

Correspondingly, supply chain attacks are on a meteoric rise and accelerating, increasing 430% from 2019 to 2020 and up a staggering 650% in 2021. Perhaps more disturbing is the ease with which organizations are being pwned. Just this February, a researcher was able to breach 35 companies – including Microsoft, Apple, PayPal, Shopify, Netflix, Yelp, Tesla, and Uber – simply by injecting malicious dependency packages into commonly used open-source developer tools.

The evidence to us was clear as day: supply chain security is going to be the defining issue of the tech industry in the 2020s; a massive problem requiring a coordinated, multi-stakeholder solution.

Enter Sigstore.

Sigstore is an open source software supply chain security toolkit that the Chainguard team first started building while at Google. The mission of Sigstore was to create an easy-to-use, trustable and efficient digital signing tool to confirm the origin of software artifacts. In much the same way Let’s Encrypt made certificates for TLS ubiquitous, Sigstore aims to make software signing ubiquitous.

The toolchain itself is composed of three discrete projects that work in tandem: Cosign (container signing), Fulcio (a code-signing certificate authority), and Rekor (a transparency log). Cosign provides digital signatures on artifacts, “freezes” them in time, telling developers that software is both verified and untampered. Because Sigstore keeps a record of all these signatures, anyone can look up and query these signatures via Rekor, which acts as the system of record for verified software artifacts.

Since launching in March 2021, Sigstore usage has been growing rapidly, being adopted by various open source projects, most notably Kubernetes. The Sigstore community has blossomed in kind, with the support of and key contributions from organizations including Cisco, HPE, Google, Red Hat and VMware. And this is only the beginning.

We believe the path to a secure software supply chain is paved with open standards, best-in-class tooling, and a diverse, supportive community. And it will take nothing less than a heroic effort from a group of immensely talented Guardians who have our unwavering support.

Welcome Chainguard to the Amplify family!