Search company, investor...

Founded Year



Acquired | Acquired

Total Raised




About CoreOS

CoreOS provides tools for working with the open-source Kubernetes container management software. It offers the foundation for warehouse-scale computing, allowing companies to run their services at scale with high resilience. It was formerly known as Polvi. The company was founded in 2013 and is based in San Francisco, California. In January 2018 CoreOS was acquired by Red Hat.

Headquarters Location

101 New Montgomery

San Francisco, California, 94105,

United States




Expert Collections containing CoreOS

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

CoreOS is included in 1 Expert Collection, including Cybersecurity.



7,291 items

These companies protect organizations from digital threats.

CoreOS Patents

CoreOS has filed 1 patent.

patents chart

Application Date

Grant Date


Related Topics



Web frameworks, Web applications, Java platform, Computer security exploits, Widget toolkits


Application Date


Grant Date


Related Topics

Web frameworks, Web applications, Java platform, Computer security exploits, Widget toolkits



Latest CoreOS News

Red Hat Tackles Software Supply Chain Security – Dark Reading

May 25, 2023

May. 25, 2023 at 10:52 pm In a bid to help developers securely build and deploy applications that rely on open source components, Red Hat unveiled the secure-by-design playbook the company has used for decades to build, monitor, and deploy its own software. The company introduced the Red Hat Trusted Software Supply Chain, which consists of four services and is based on the programming tools and methodologies the company uses internally, during Red Hat Summit this week in Boston. The focus on software supply chain security reflects two trends: organizations embracing the shift to cloud-native applications that are predominantly built with open source components, and the growing number of cyberattacks targeting vulnerabilities in those components. The US federal government is pushing organizations to implement secure-by-design and secure-by-default software development processes. The Cybersecurity & Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the FBI joined with global counterparts to publish the Secure-by-Design and Default Principles and Approaches guidance last month. “Trusting Red Hat with the security of an open source supply chain is basically a continuation of what we have been offering customers for the last 30 years,” says Red Hat’s general manager for cloud services, Sarwar Raza. “We’ve taken that capability, along with the CI/CD capabilities that we use in-house, and we’re now making our processes, technology, and expertise available to our customers so that you can secure and build your software in the same way we do.” A Preview of Red Hat’s Four Core Services Of the four services in Red Hat Trusted Software Supply Chain, two — Red Hat Trusted Application Pipeline and Red Hat Trusted Content — are available as preview versions. The third, Red Hat Advanced Cluster Security Cloud Service, is a managed service for securely building, deploying, and maintaining Kubernetes-based, cloud-native applications security. Finally, Quay is the enterprise registry acquired by CoreOS in 2014, which Red Hat took over after acquiring CoreOS in 2018. Raza says the offering includes thousands of trusted packages in Red Hat Enterprise Linux alone, as well as a catalog of critical application runtimes across Java, Node, and Python. “The service provides not just the hardened, trusted content, but we also provide knowledge,” he says. Red Hat Trusted Application can automatically generate software bills of materials (SBOMs) using that knowledge. “As a customer, you can take the artifacts, proving the security of those software packages and present it to auditors or regulators and then satisfy their requirements,” Raza says. Red Hat Trusted Application Pipelines builds on sigstore , an open source project that Red Hat initiated and has since turned over to the Linux Foundation; sigstore is now a freely available standard for cloud-native security signing. Application Pipelines handle multiple stages of the development process. In the coding stage, Red Hat provides a developer plugin that performs software composition analysis, which includes analyzing dependencies and warning of all vulnerabilities pointing developers to alternative components. At the build phase, Red Hat Application Pipelines produces an enterprise contract that’s fed into the system. “This basically sets the guardrails and the standards that will be enforced,” Raza says. Automatically Generating SBOMs Red Hat Trusted Pipelines also automatically generates software bills of materials (SBOMs) for each build. “SBOMs, vulnerability information, information about those packages, are part and parcel of the offering,” Raza says. “So as a customer, you can take the artifacts, proving the security of those software packages, and present it to auditors or regulators and then satisfy their requirements.” “This is a really good starting point for a lot of companies to be able to build their own products in a secure way,” says IDC analyst Al Gillen. “But they also still have to distribute their own product, and their distribution channel is a separate supply chain for somebody else.” Given Red Hat’s prominence in the open source infrastructure market, its offering promises to appeal to the broad ecosystem of those who build on Red Hat Enterprise Linux (RHEL) and OpenShift, but it doesn’t require either. It can also be disruptive to providers of SCA offerings from companies such as Black Duck (now Synopsis), Mend, and Snyk. “What Red Hat is offering is a repository of curated OSS components that its OpenShift customers can draw upon when building their apps,” says Omdia analyst Rik Turner. “This will surely be of value to them, potentially even obviating the need for the use of SCA platforms to check on what they are embedding in amongst their own code.”

CoreOS Frequently Asked Questions (FAQ)

  • When was CoreOS founded?

    CoreOS was founded in 2013.

  • Where is CoreOS's headquarters?

    CoreOS's headquarters is located at 101 New Montgomery, San Francisco.

  • What is CoreOS's latest funding round?

    CoreOS's latest funding round is Acquired.

  • How much did CoreOS raise?

    CoreOS raised a total of $48.02M.

  • Who are the investors of CoreOS?

    Investors of CoreOS include Red Hat, Kleiner Perkins Caufield & Byers, Fuel Capital, Y Combinator, Google Ventures and 7 more.

  • Who are CoreOS's competitors?

    Competitors of CoreOS include Docker and 4 more.


Compare CoreOS to Competitors

Docker Logo

Docker operates as a platform-based software solution provider. It helps developers build, share, and run applications. Its container platform enables companies to accelerate key digital initiatives including cloud migration, application modernization, and edge computing. It was formerly known as dotCloud. The company was founded in 2013 and is based in Palo Alto, California.

D2iQ Logo

D2iQ provides cloud platforms to embrace open-source and cloud-native innovations. It offers solutions including kubernetes adoption, air-gapped deployment, hybrid and multi-cloud, and more. The company empowers organizations to navigate and accelerate cloud-native journeys with technologies, training, professional services, and support. It was formerly known as Mesosphere. The company was founded in 2013 and is based in San Francisco, California.

C3DNA Logo

C3DNA uniquely enables unmodified Enterprise applications to be deployed, dynamically managed and delivered with QoS & Security across Clouds using our meta-container technology that provides application mobility across Virtual Machines, Containers and even Physical Servers.

Rafay Systems Logo
Rafay Systems

Rafay Systems provides cloud environment service. The company offers automated lifecycle management for containerized applications. It was founded in 2017 and is based in Sunnyvale, California.

Sauce Labs Logo
Sauce Labs

Sauce Labs provides continuous test and error reporting solutions. The company offers continuous testing cloud identifies quality signals in development and identifies the source of errors in production on every browser, operating system, and more. It primarily serves the Internet software and service sector. The company was founded in 2008 and is based in San Francisco, California.

AppHarbor Logo

AppHarbor is developing what they describe as "Heroku for .NET". It offers a .NET platform-as-a-service offering.


CBI websites generally use certain cookies to enable better interactions with our sites and services. Use of these cookies, which may be stored on your device, permits us to improve and customize your experience. You can read more about your cookie choices at our privacy policy here. By continuing to use this site you are consenting to these choices.