Percona and Chainguard Partner to Deliver Secure Open Source Software

Container security has become a top priority as more workloads migrate to Kubernetes and other orchestration platforms. Open‑source databases, while cost‑effective and flexible, often suffer from fragmented image pipelines that leave them exposed to unpatched vulnerabilities. By integrating Chainguard’s secure‑by‑default image framework—featuring minimal base layers, immutable provenance data, and FIPS‑ready configurations—Percona delivers a hardened foundation that aligns with modern compliance mandates such as PCI‑DSS and GDPR.

Chainguard’s approach emphasizes continuous rebuilding and signing of images, ensuring that any newly disclosed CVE is addressed within predefined service‑level agreements. This reduces the average time‑to‑remediate from weeks to hours, effectively keeping CVE counts near zero. Percona complements this technical rigor with its seasoned support team, offering 24/7 assistance, performance tuning, and SLA‑guaranteed patch deployment. The combined offering spans the full Percona catalog—MySQL, PostgreSQL, MongoDB, MariaDB, Redis, and Valkey—providing a one‑stop shop for enterprises that need both security and expert operational guidance.

For businesses, the partnership translates into tangible cost savings and risk mitigation. Companies no longer need to allocate engineering resources to craft custom, hardened images, freeing teams to focus on core innovation. Moreover, the joint solution simplifies audit trails and compliance reporting, as every image is traceable and backed by verifiable provenance. As the demand for secure, open‑source infrastructure grows, this collaboration positions both Percona and Chainguard as key enablers for enterprises seeking to modernize their data stacks without compromising security.