As enterprises accelerate development across cloud-native and AI-driven environments, software supply chain risk has moved from a background concern to a boardroom priority. The pressure to ship faster hasnβt disappeared, but the tolerance for hidden vulnerabilities inside open-source components and container images has shifted. What once felt like a security team problem now shapes architecture decisions across engineering teams.
Enterprise application teams increasingly rank software supply chain risk among their top concerns, according to Paul Nashawaty, principal analyst at theCUBE Research and host of the AppDevANGLE podcast. Against that backdrop, Chainguard Assemble arrives as engineering leaders confront mounting pressure to embed trust directly into modern software delivery.
βFrom my AppDev research standpoint, this gathering lands at a critical moment for the market,β Nashawaty said. βOur latest 2025 data shows that 72% of enterprise application teams now rank software supply chain risk as a top three concern, up significantly year over year. At the same time, more than 65% of cloud-native teams are increasing investment in container security and compliance tooling in 2026. The industry is clearly moving from βmove fastβ DevOps to βtrustedβ DevOps, and that aligns directly with the eventβs focus on open source, containers and AI-driven blind spots.β
Join theCUBE, News Mediaβs livestreaming studio, on March 19 for exclusive coverage of Chainguard Assemble. Interviews will explore how engineering teams are embedding security directly into developer workflows, modernizing open-source governance and strengthening software supply chain security without slowing innovation. (* Disclosure below.)
Combating software supply chain risk
As enterprises reassess their cloud-native foundations, conversations about supply chain risk increasingly extend beyond tooling and into platform strategy. Chainguard Assemble brings together cloud providers, security vendors and engineering leaders grappling with how to make trust measurable across open-source dependencies and containerized workloads, according to Nashawaty.
βStrategically, whatβs at stake for enterprises is operational trust,β he said. βOur research indicates that organizations with mature supply chain security practices experience 40% fewer production incidents tied to third-party components. In regulated sectors, especially, compliance is now shaping architecture decisions; nearly 60% of new cloud-native deployments cite regulatory requirements as a primary design factor. Sessions around FedRAMP, trusted open source and data integrity are not theoretical discussions; they reflect active buying priorities. The fact that ecosystem players such as Amazon Web Services, Cisco, Okta and others are participating in the event reinforces that this is becoming a platform-level conversation, not a point-tool one.β
Chainguardβs recent trajectory underscores that broader market momentum. In October 2025, the company raised $280 million to expand its trusted open-source software platform. Its portfolio of hardened container images and related artifacts is designed to reduce known vulnerabilities and integrate into enterprise workflows.
In late January, Chainguard announced that it was entering what it called βa new eraβ of its Chainguard Factory with the introduction of Chainguard Factory 2.0. The update is powered by DriftlessAF, an agentic framework the company describes as a βresilient, self-correcting systemβ intended to replace more brittle build and maintenance processes. It has replaced Chainguardβs legacy system and is being open-sourced to the community.
These recent moves provide context for Chainguard Assemble, where theCUBEβs interviews will explore how organizations translate trusted open-source software into day-to-day engineering practice. For enterprises weighing those developments, the broader question is how quickly trust can be put into practice across production environments, according to Nashawaty.
βFrom an actionable perspective, we expect that by the end of 2026, over 50% of enterprise container images in production will be policy-validated or cryptographically attested before deployment,β he said. βHowever, less than half of organizations today have full software bill of materials traceability across environments; thatβs a meaningful gap. With AI-assisted development now present in over 80% of enterprise software organizations, governance inside CI/CD pipelines will be the differentiator. The real watchpoint at this event is which vendors can industrialize trust at scale without slowing developers down.β
TheCUBE event livestream
Donβt missΒ theCUBEβs coverageΒ of Chainguard Assemble on March 19. Plus, you can watch theCUBEβs event coverageΒ on-demandΒ after the event.
How to watch theCUBE interviews
We offer you various ways to watchΒ theCUBEβs coverageΒ of Chainguard Assemble, including theCUBEβsΒ dedicated websiteΒ andΒ YouTube channel.Β You can also get all the coverage from this yearβs events onΒ News.
TheCUBE podcasts
Newsβs βtheCUBE Podβ is available onΒ Apple Podcasts,Β SpotifyΒ andΒ YouTube, which you can enjoy while on the go. During each podcast, Newsβs John Furrier and Dave Vellante unpack the biggest trends in enterprise tech β from AI and cloud to regulation and workplace culture β with exclusive context and analysis.
News also produces our weekly βBreaking Analysisβ program, where Dave Vellante examines the top stories in enterprise tech, combining insights from theCUBE with spending data from Enterprise Technology Research, available onΒ Apple Podcasts,Β SpotifyΒ andΒ YouTube.
Guests
DuringΒ Chainguard Assemble, theCUBEβs coverage will feature discussions with cross-sector software, open-source and security executives on approaches to integrating trust into modern software development. Stay tuned for our complete guest list.
(* Disclosure: TheCUBE is a paid media partner for the Chainguard Assemble event. Neither Chainguard, the sponsor of theCUBEβs event coverage, nor other sponsors have editorial control over content on theCUBE or News.)
Image: News
Support our mission to keep content open and free by engaging with theCUBE community. Join theCUBEβs Alumni Trust Network, where technology leaders connect, share intelligence and create opportunities.
- 15M+ viewers of theCUBE videos, powering conversations across AI, cloud, cybersecurity and more
- 11.4k+ theCUBE alumni β Connect with more than 11,400 tech and business leaders shaping the future through a unique trusted-based network.
About News Media
Founded by tech visionaries John Furrier and Dave Vellante, News Media has built a dynamic ecosystem of industry-leading digital media brands that reach 15+ million elite tech professionals. Our new proprietary theCUBE AI Video Cloud is breaking ground in audience interaction, leveraging theCUBEai.com neural network to help technology companies make data-driven decisions and stay at the forefront of industry conversations.
