# Chainguard Academy > Learn how to make your software supply chain secure by default ## Overview Chainguard Academy (edu.chainguard.dev) provides documentation, tutorials, and demos on Chainguard products and educational content on software supply chain security. ### Content Statistics - **Total Articles**: 345 - **Chainguard Products**: 265 articles - **Open Source Projects**: 52 articles - **Software Security**: 27 articles - **Last Updated**: July 1, 2025 This website provides comprehensive documentation and educational resources for: - Chainguard Containers: Secure-by-default container images - Chainguard Libraries: Language libraries built from source - Chainguard VMs: More secure, purpose-built virtual machine images - Open source security tools including Sigstore, Wolfi Linux, and build tools - Software supply chain security recommended practices - Compliance frameworks and vulnerability management ## Technology Stack This documentation site is built with the following technologies: - **Static Site Generator**: Hugo v0.110.0+ (Extended Edition) - **Theme Framework**: Doks (based on Bootstrap) - **Search**: FlexSearch for client-side search functionality - **Analytics**: Google Analytics (GA4) - **Hosting**: Static site hosting with CDN - **Build Tools**: Node.js for asset pipeline - **Markdown Processing**: Goldmark with extensions - **Syntax Highlighting**: Prism.js for code blocks - **Math Rendering**: KaTeX for mathematical expressions - **Diagrams**: Mermaid for flowcharts and diagrams ### Content Management - **Format**: Markdown with YAML frontmatter - **Version Control**: Git-based workflow - **API**: No dynamic API (static site) - **Update Frequency**: Daily deployments - **Build Time**: ~5 seconds for full site rebuild - **Total Pages**: 469 (including taxonomies and lists) - **Content Sections**: 3 main sections - **Tags**: 59 unique tags ### Supported Features - Multi-language code examples - Interactive diagrams - Responsive images with lazy loading - Table of contents generation - Cross-references and internal linking - RSS feeds for content sections - Sitemap generation ## Content Licensing ### Documentation License All documentation content on this site is licensed under the Creative Commons Attribution-ShareAlike 4.0 International License (CC BY-SA 4.0), unless otherwise noted. **You are free to:** - **Share**: Copy and redistribute the material in any medium or format - **Adapt**: Remix, transform, and build upon the material for any purpose, even commercially **Under the following terms:** - **Attribution**: You must give appropriate credit, provide a link to the license, and indicate if changes were made - **ShareAlike**: If you remix, transform, or build upon the material, you must distribute your contributions under the same license ### Code Examples License Code snippets and examples in the documentation are licensed under the Apache License 2.0, unless otherwise specified. ### Trademark Notice Chainguard and the Chainguard logo are trademarks of Chainguard, Inc. Use of these trademarks requires prior written permission. See our [Trademark Policy](https://edu.chainguard.dev/software-security/trademark/) for details. ### Attribution Format When using content from Chainguard Academy, please use the following attribution: ``` Source: Chainguard Academy - https://edu.chainguard.dev License: CC BY-SA 4.0 (documentation) / Apache 2.0 (code examples) ``` ### Third-Party Content Some content may include third-party materials under their own licenses. These are clearly marked where applicable. ## Content Sections ### Chainguard Products (/chainguard/) Documentation for Chainguard's enterprise products and services. - [Chainguard Libraries Overview](https://edu.chainguard.dev/chainguard/libraries/overview/): Background Most application development rests on the shoulders of libraries and applications from … - [Chainguard Custom Assembly](https://edu.chainguard.dev/chainguard/chainguard-images/features/ca-docs/custom-assembly/): Chainguard has created Custom Assembly, a tool that allows users to create customized container … - [Chainguard End-of-Life Grace Period for Containers](https://edu.chainguard.dev/chainguard/chainguard-images/features/eol-gp-overview/): Typically, specific versions of software receive updates on a schedule for a set amount of time. … - [Chainguard Libraries Access](https://edu.chainguard.dev/chainguard/libraries/access/): Access to Chainguard Libraries is consistent across all permissions and accounts of the Chainguard … - [Getting Started with the C/C++ Chainguard Containers](https://edu.chainguard.dev/chainguard/chainguard-images/getting-started/c/): C and its derivative, C++, are two widely adopted compiled languages. Chainguard offers a variety of … - [Chainguard Libraries Network Requirements](https://edu.chainguard.dev/chainguard/libraries/network-requirements/): The following sections detail the required network access to use Chainguard Libraries and the … - [Chainguard Libraries FAQ](https://edu.chainguard.dev/chainguard/libraries/faq/): What security issues can Chainguard Libraries prevent? As detailed on the background and … - [Chainguard Criteria for Determining Whether to Build a Container Image](https://edu.chainguard.dev/chainguard/chainguard-images/about/what-chainguard-will-build/): There are currently over 1,000 Chainguard Containers and that number is always growing as we add … - [Chainguard FIPS Container FAQs](https://edu.chainguard.dev/chainguard/chainguard-images/features/fips/faqs/): Answers to your questions about Chainguard FIPS container images. Is there a way to enable or … - [Chainguard Shared Responsibility Model](https://edu.chainguard.dev/chainguard/chainguard-images/about/shared-responsibility-model/): Chainguard’s mission is to be the safe source for open source. As part of this mission, Chainguard … ### Open Source Projects (/open-source/) Documentation for open source security tools and projects. - [How to Install Sigstore Policy Controller](https://edu.chainguard.dev/open-source/sigstore/policy-controller/how-to-install-policy-controller/): The Sigstore Policy Controller is a Kubernetes admission controller that can verify image signatures … - [An Introduction to Rekor](https://edu.chainguard.dev/open-source/sigstore/rekor/an-introduction-to-rekor/): An earlier version of this material was published in the Rekor chapter of the Linux Foundation … - [An Introduction to Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/an-introduction-to-cosign/): An earlier version of this material was published in the Cosign chapter of the Linux Foundation … - [How to Install the Rekor CLI](https://edu.chainguard.dev/open-source/sigstore/rekor/how-to-install-rekor/): An earlier version of this material was published in the Rekor chapter of the Linux Foundation … - [How to Install Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-install-cosign/): An earlier version of this material was published in the Cosign chapter of the Linux Foundation … - [How to Query Rekor](https://edu.chainguard.dev/open-source/sigstore/rekor/how-to-query-rekor/): An earlier version of this material was published in the Rekor chapter of the Linux Foundation … - [How to Sign a Container with Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-sign-a-container-with-cosign/): An earlier version of this material was published in the Cosign chapter of the Linux Foundation … - [How to Sign and Upload Metadata to Rekor](https://edu.chainguard.dev/open-source/sigstore/rekor/how-to-sign-and-upload-metadata-to-rekor/): An earlier version of this material was published in the Rekor chapter of the Linux Foundation … - [How to Sign Blobs and Standard Files with Cosign](https://edu.chainguard.dev/open-source/sigstore/cosign/how-to-sign-blobs-with-cosign/): An earlier version of this material was published in the Cosign chapter of the Linux Foundation … - [How to Set Up An Instance of Rekor Instance Locally](https://edu.chainguard.dev/open-source/sigstore/rekor/install-a-rekor-instance/): An earlier version of this material was published in the Rekor chapter of the Linux Foundation … ### Software Security (/software-security/) Educational content on software supply chain security best practices. - [Introduction to the PCI Data Security Standard (DSS) 4.0](https://edu.chainguard.dev/software-security/compliance/pci-dss-4/intro-pci-dss-4/): PCI DSS 4.0, or Payment Card Industry Data Security Standard, is a global standard in the payments … - [Introduction to the Cybersecurity Maturity Model Certification (CMMC) 2.0](https://edu.chainguard.dev/software-security/compliance/cmmc-2/intro-cmmc-2/): CMMC 2.0, or Cybersecurity Maturity Model Certification, is a cybersecurity framework established by … - [Sea-curing Software #1 - Fighting Vulnerabilities](https://edu.chainguard.dev/software-security/comics/fighting-vulnerabilities/): - [What Are Software Vulnerabilities and CVEs?](https://edu.chainguard.dev/software-security/cves/cve-intro/): A software vulnerability is a weakness in a program which, if left unaddressed, may be used by … - [CMMC 2.0 Maturity Levels](https://edu.chainguard.dev/software-security/compliance/cmmc-2/cmmc-2-levels/): The Cybersecurity Maturity Model Certification (CMMC) 2.0 integrates various cybersecurity standards … - [Why Care About Software Vulnerabilities?](https://edu.chainguard.dev/software-security/cves/cve-why-care/): Software products are prone to vulnerabilities which, if exploited by an attacker, may negatively … - [Overview of PCI DSS 4.0 Practices/Requirements](https://edu.chainguard.dev/software-security/compliance/pci-dss-4/pci-dss-practices/): PCI DSS 4.0, or Payment Card Industry Data Security Standard is intended for all entities that … - [Overview of CMMC 2.0 Practices/Control Groups](https://edu.chainguard.dev/software-security/compliance/cmmc-2/cmmc-practices/): Cybersecurity Maturity Model Certification (CMMC) 2.0 requires a progressive set of practices. Level … - [Infamous Software Vulnerabilities](https://edu.chainguard.dev/software-security/cves/infamous-cves/): Software vulnerabilities vary in their severity – some are difficult to exploit and have minimal … - [Software Vulnerability Remediation](https://edu.chainguard.dev/software-security/cves/cve-remediation/): At worst, a software vulnerability can impose a critical security flaw that warrants attention. … ## Key Topics - Container security and minimal base images - Software supply chain security - Cryptographic signing and verification - Vulnerability management and CVE remediation - Compliance frameworks for regulated industries - DevSecOps practices and tools ## Target Audience - Security engineers and DevSecOps teams - Platform engineers working with containers and Kubernetes - Developers building secure applications - Compliance teams in regulated industries - Open source contributors to security tools ## Resources The site includes tutorials, reference documentation, conceptual guides, and practical examples for implementing secure software practices using Chainguard's tools and following industry recommendations. ## Contact and Contributions - **GitHub**: https://github.com/chainguard-dev/edu - **Issues**: Report documentation issues via GitHub - **Contributing**: See CONTRIBUTING.md in the repository - **Support**: Available through Chainguard support channels for customers