SmartBear announced AI enhancements for API testing, UI test automation, and test management across its product suite, the SmartBear Application Integrity Core™.
Chainguard Introduces the Guardener
March 19, 2026
Chainguard announced the Guardener, an AI agent that enables intelligent, continuous maintenance of Chainguard's trusted open source artifacts across software development and deployment workflows.
Today, the Guardener automatically converts bloated, legacy Dockerfiles to use minimal, zero-CVE Chainguard container images, eliminating manual migration toil while preserving developer velocity. Over time, the Guardener will extend even more capabilities of the Chainguard Factory to Chainguard customers, making the infrastructure the company uses to build and maintain secure-by-default open source software accessible to developers to automate migrations, dependency updates, and ongoing artifact maintenance directly within their CI/CD environments.
"We've entered the agentic software development era, and the volume of code being generated is growing far beyond what humans can reasonably maintain," said Dan Lorenc, CEO and Co-founder, Chainguard. "The Guardener is our vision for how that changes: an intelligent system that can continuously build, update, and improve the artifacts developers and AI agents rely on. We're extending the same software factory we built to manage and harden open source at scale to everyone. Our goal is to help teams build efficient CI/CD systems they're confident in, where secure software is the default."
The Guardener intelligently gathers environmental context and insights to understand what a Dockerfile is designed to do, rebuilds it line by line, and continuously tests as it goes. The agent transforms what was once a time-intensive migration effort into a seamless, automated workflow. Key capabilities include:
- AI-powered orchestration: The Guardener makes contextual decisions about package mappings and migration strategies, incrementally building and testing Dockerfiles to produce accurate, stable conversions beyond basic text replacement.
- Incremental validation: Dockerfiles are rebuilt layer by layer to detect divergence early, providing functional equivalence checks and detailed migration reports.
- GitHub or local deployment: The Guardener can be deployed via a GitHub app[1] integration or locally in your environment to provide deeper context, telemetry, and validation. The Guardener calls back to Chainguard via API, delivering accuracy that standalone tools can't match.
With the Guardener, organizations can generate golden image catalogs or migrate individual Dockerfiles to use zero-CVE Chainguard base images, without requiring developers to learn new package managers or refactor workflows. What once took weeks to convert and test, the Guardener can now do in less than an hour. It also delivers verifiable post-migration insights, including comparisons of image size, vulnerability posture, and filesystem changes, providing audit trails for engineering and security teams.
As developers and agents interface with the Guardener, it will evolve to unlock more value from the Chainguard Factory, including:
- Ongoing build and maintenance: Move from Dockerfile conversion to custom image builds with ongoing maintenance powered by the Chainguard Factory's AI-native, hardened SLSA Level 3 pipeline, enabling automatic updates to images and dependencies.
- New secure-by-default artifacts: Extend to other code development artifacts like language libraries as well as CI/CD tooling like GitHub Actions, offering secure-by-default offerings and frictionless adoption paths.
- Predictive artifact requests: Identifying frequently installed third-party dependencies and proactively suggesting hardened, compliant versions built in the Chainguard Factory.
- Tracking implementation and reconciliation to runtime: Give teams better visibility into implementation progress and, as runtime insight expands, a clearer view of how those changes are reflected in production environments.
- Supply chain visibility: Deliver enhanced telemetry and reporting on open source artifact adoption to help security and platform teams monitor software supply chain health.
- Greater customization: Enable teams to tailor the agent through configurable skills and policies that support team-specific workflows without slowing developer velocity.
The Guardener is available in beta.
Industry News
March 31, 2026
JFrog announced its partnership with iZeno Pte Ltd, a Singapore-headquartered enterprise technology solutions provider.
March 30, 2026
Red Hat announced an expanded collaboration with Google Cloud to help organizations accelerate application modernization and cloud migrations.
March 30, 2026
The Linux Foundation, the nonprofit organization enabling mass innovation through open source, announced the contribution of SQLMesh, an open source data transformation framework, to the Foundation by Fivetran.
March 26, 2026
Check Point® Software Technologies Ltd. released the AI Factory Security Architecture Blueprint — a comprehensive, vendor-tested reference architecture for securing private AI infrastructure from the hardware layer to the application layer.
March 26, 2026
CMD+CTRL Security won the following awards from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine: Most Innovative Cybersecurity Training and Pioneering Secure Coding: Developer Upskilling.
March 25, 2026
Check Point® Software Technologies Ltd. announced the Check Point AI Defense Plane, a unified AI security control plane designed to help enterprises govern how AI is connected, deployed, and operated across the business.
March 25, 2026
Oracle announced the latest updates to Oracle AI Agent Studio for Fusion Applications, a complete development platform for building, connecting, and running AI automation and agentic applications.
March 25, 2026
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced that Istio has launched a host of new features designed to meet the rising needs of modern, AI-driven infrastructure while reducing operational complexity.
March 25, 2026
Chainguard announced Chainguard Repository, a single Chainguard-managed experience for pulling secure-by-default open source containers, dependencies, OS packages, virtual machine images, CI/CD workflows, and agent skills that have built-in, intelligent policies to enforce enterprise security standards.
March 24, 2026
Backslash Security announced new cross-product support for agentic AI Skills within its platform, enabling organizations to discover, assess, and apply security guardrails to Skills used across AI-native software development environments.
March 24, 2026
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the graduation of Kyverno, a Kubernetes-native policy engine that enables organizations to define, manage and enforce policy-as-code across cloud native environments.
March 24, 2026
Zero Networks announced the Kubernetes Access Matrix, a real time visual map that exposes every allowed and denied rule inside Kubernetes clusters.
March 24, 2026
Apiiro announced AI Threat Modeling, a new capability within Apiiro Guardian Agent that automatically generates architecture-aware threat models to identify security and compliance risks before code exists.
March 23, 2026
GitLab released GitLab 18.10, making it easier and more affordable to use agentic AI capabilities across the entire software development lifecycle.
