
Dan Lorenc, a former Google engineer and key figure in the open-source software supply chain securit...
The AMW Read
Incremental update to known player (Chainguard already in corpus as infra security co); valuation signals segment-level maturation of AI infrastructure security.
Dan Lorenc, a former Google engineer and key figure in the open-source software supply chain security movement, has built Chainguard into a $3.5 billion startup. The company focuses on securing the software supply chain by providing minimal, hardened container images and tools to prevent supply-chain attacks such as those that have hit SolarWinds and Codecov.
Why it matters: AI companies increasingly rely on complex open-source dependencies for model training, inference, and DevOps pipelines. Chainguard's valuation surge signals that the market for secure software supply chains is expanding beyond traditional cybersecurity into AI infrastructure. As AI models become embedded in enterprise workflows, the integrity of the underlying software supply chain becomes critical β a pattern we recognize from the broader infrastructure security landscape.
Expert take: Chainguard's rapid ascent mirrors the 'fastest-ARR-ramp' pattern seen in AI-native companies, but here it is applied to the plumbing layer. The $3.5B valuation, while not a direct AI milestone, underscores the substrate's growing dependence on secure, tamper-proof code from foundation to deployment. This is a bellwether for the maturation of AI infrastructure security as an investable category.