Federation
Gastropod instances are sovereign nodes that talk to each other over an open protocol. Each one broadcasts what you host and, privately and by your choice, shares the findings that matter — without surrendering your data, your identity, or your tenancy to anyone's hub.
Three ways to federate
From wide-open broadcast to a closed, credentialed network. You pick the blast radius per org, and per finding.
Public actor
Each org gets its own ActivityPub actor: @{slug}@your-host. Turn federation on and its public package sightings are announced to followers across the open fediverse. Mastodon, GoToSocial, any AP peer can follow along.
The @registry firehose & conversation
One feed of everything public your instance sees. Researchers can reply from their own fediverse account, and comments thread into your community view with their avatar. You reply, edit, and retract right back, signed by your instance.
Sectors
A closed, credentialed network of instances that share findings, including private and embargoed ones. Sharing is the org owner's deliberate, warned choice, and a finding stays attributed to the org that authored it, on whichever instance reads it.
Speaks the open standards
No proprietary protocol. Federation rides ActivityPub, so any fediverse server can follow, comment, and interoperate.
ActivityPub
the open protocol we speak
Mastodon
follow & reply from any account
How it works
One switch per org. After that, federation rides the same artifact identity the rest of gastropod is built on.
Enable
An org owner flips federation on. The org gets a keypair and an actor document, and nothing federates until that deliberate switch.
Announce
New public versions the org hosts are pushed to its followers and the @registry firehose automatically. They're signed, and there's no history dump.
Discuss
A peer comments on a sighting from their fediverse account, and it threads into your community view. You reply, edit, or remove, and the change reaches every instance that saw it.
Share
Into a sector, an owner can share a finding, even an embargoed one, with a vetted network. It arrives attributed to your org, with tenancy preserved on the far side.
Scan once, share the signal
The whole point of sharing findings is to stop everyone re-scanning the same packages. Vet an artifact once, or let a trusted peer vet it, and the verdict travels with it.
Don't re-scan the world
A finding attaches to an exact artifact, so wherever that package turns up, across your org or a sector you trust, the answer is already there. Less duplicated scanning, faster verdicts, no rework.
Bring your own scanner (BYOS)
Our ingest pipeline consumes findings in whatever format your tools emit: Trivy, Grype, Snyk, Anchore, CycloneDX, OpenVEX, native JSON. Each one attaches to the artifact and rides the same federation as everything else. We don't replace your scanners; we make their results travel.
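The ingest step above, as an added example that is not gastropod's own code: two constructed reports shaped like Trivy and Grype JSON output are normalised into one finding record, pinned to an exact artifact digest (a report with no digest is refused, since a finding without an artifact has nothing to attach to), and merged so that the same vulnerability on the same package is one verdict with the scanners that agree listed against it. The `Finding` shape, the `sha256:` digest rule and the CVE ids are assumptions for illustration; only the fields actually read from each format are modelled.

```go
package main

import (
	"encoding/json"
	"errors"
	"fmt"
	"sort"
	"strings"
)

// Finding is the single record every scanner's output is normalised into
// before it attaches to an artifact. Hypothetical shape, not gastropod's schema.
type Finding struct {
	Artifact string // digest of the exact artifact the finding attaches to
	Scanner  string
	VulnID   string
	Package  string
	Version  string
	Severity string // upper-cased so peers compare like with like
}

// trivyReport mirrors only the Trivy JSON fields this example consumes.
type trivyReport struct {
	Results []struct {
		Vulnerabilities []struct {
			VulnerabilityID  string `json:"VulnerabilityID"`
			PkgName          string `json:"PkgName"`
			InstalledVersion string `json:"InstalledVersion"`
			Severity         string `json:"Severity"`
		} `json:"Vulnerabilities"`
	} `json:"Results"`
}

// grypeReport mirrors only the Grype JSON fields this example consumes.
type grypeReport struct {
	Matches []struct {
		Vulnerability struct {
			ID       string `json:"id"`
			Severity string `json:"severity"`
		} `json:"vulnerability"`
		Artifact struct {
			Name    string `json:"name"`
			Version string `json:"version"`
		} `json:"artifact"`
	} `json:"matches"`
}

// Ingest parses one scanner report and pins every finding to the artifact
// digest. A finding without an exact digest has nothing to attach to, so it
// is refused rather than guessed at.
func Ingest(digest, format string, raw []byte) ([]Finding, error) {
	if !strings.HasPrefix(digest, "sha256:") || len(digest) == len("sha256:") {
		return nil, errors.New("finding must attach to an exact artifact digest")
	}
	var out []Finding
	switch format {
	case "trivy":
		var r trivyReport
		if err := json.Unmarshal(raw, &r); err != nil {
			return nil, err
		}
		for _, res := range r.Results {
			for _, v := range res.Vulnerabilities {
				out = append(out, Finding{digest, "trivy", v.VulnerabilityID, v.PkgName, v.InstalledVersion, strings.ToUpper(v.Severity)})
			}
		}
	case "grype":
		var r grypeReport
		if err := json.Unmarshal(raw, &r); err != nil {
			return nil, err
		}
		for _, m := range r.Matches {
			out = append(out, Finding{digest, "grype", m.Vulnerability.ID, m.Artifact.Name, m.Artifact.Version, strings.ToUpper(m.Vulnerability.Severity)})
		}
	default:
		return nil, fmt.Errorf("unsupported report format %q", format)
	}
	return out, nil
}

// Merge collapses findings from several scanners on one artifact: the same
// vulnerability on the same package is one verdict, with the scanners that
// agree listed against it. Keys are sorted so the result is stable across peers.
func Merge(findings []Finding) (keys []string, scanners map[string][]string) {
	scanners = map[string][]string{}
	for _, f := range findings {
		k := f.Artifact + "|" + f.VulnID + "|" + f.Package
		scanners[k] = append(scanners[k], f.Scanner)
	}
	for k := range scanners {
		keys = append(keys, k)
	}
	sort.Strings(keys)
	return keys, scanners
}

// Constructed sample reports in the shape of Trivy and Grype output; the CVE
// ids are placeholders, not real advisories.
const sampleTrivy = `{"Results":[{"Target":"app:1.0 (alpine 3.19)","Vulnerabilities":[
 {"VulnerabilityID":"CVE-0000-0001","PkgName":"openssl","InstalledVersion":"3.1.4-r0","Severity":"HIGH"}]}]}`
const sampleGrype = `{"matches":[
 {"vulnerability":{"id":"CVE-0000-0001","severity":"High"},"artifact":{"name":"openssl","version":"3.1.4-r0"}},
 {"vulnerability":{"id":"CVE-0000-0002","severity":"Medium"},"artifact":{"name":"zlib","version":"1.3-r0"}}]}`

func main() {
	const digest = "sha256:0123abcd" // constructed digest
	t, _ := Ingest(digest, "trivy", []byte(sampleTrivy))
	g, _ := Ingest(digest, "grype", []byte(sampleGrype))
	keys, by := Merge(append(t, g...))
	for _, k := range keys {
		fmt.Printf("%s  reported by %v\n", k, by[k])
	}
}
```

Adding CycloneDX or OpenVEX is another `case` with its own report struct; the point is that every format ends up as the same `Finding`, keyed by digest, so it rides the same federation as everything else.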
MCP artifact orchestration
A built-in MCP server orchestrates findings and artifacts directly, so scanners and AI assistants submit findings and query the catalog with vetted, scoped access. Your tooling, and the agents you trust, plug into the same intelligence layer.
Built to be trusted
Sharing intelligence between orgs is where it gets dangerous, so the model assumes the worst: one instance can never forge, leak, or revoke another's findings, and nothing private leaves by accident.
Your data stays yours
Findings live on your instance and stay attributed to your org wherever they travel. Run the node yourself or let us host it; either way it's an open protocol, so you own your findings, pick your peers, and keep your exit — stop sharing or leave at any time.
Verified identity, no spoofed origins
Each member instance has a keypair whose identity gastropod.io verifies before it can join a sector, and every finding it sends carries that signature. An instance can only speak for the orgs it actually hosts — nobody can forge a finding in your name or quietly revoke one you published, and there are no anonymous peers.
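The Enable and Announce steps from "How it works" together with the identity check described here, as an added example that is not gastropod's own code: an org only gets a signing key when its owner enables federation, every sighting it announces is signed with that key, and the receiving instance verifies the signature against an actor document it dereferenced from the actor's own host, so a message signed with some other instance's key, or altered in transit, is refused. The `Instance`, `Actor` and `Sighting` shapes, the `https://host/orgs/slug` actor id layout, Ed25519 as the key type and hex encoding are assumptions for illustration; the page does not specify gastropod's actual wire format.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"strings"
)

// Instance is one federated node: the host it answers for and the orgs that
// have enabled federation, each with its own signing key. Hypothetical shape.
type Instance struct {
	Host string
	Keys map[string]ed25519.PrivateKey // org slug -> key, present only once enabled
}

// Actor is the public document a peer fetches for @{slug}@host.
type Actor struct {
	ID        string `json:"id"` // https://host/orgs/slug (assumed layout)
	Slug      string `json:"preferredUsername"`
	PublicKey string `json:"publicKey"` // hex Ed25519 public key
}

// Sighting is announced when an org hosts a new public package version.
type Sighting struct {
	Actor   string `json:"actor"`
	Package string `json:"package"` // purl of the artifact
	Digest  string `json:"digest"`  // exact artifact digest
}

// SignedSighting is the envelope that travels to followers and peers.
type SignedSighting struct {
	Sighting  Sighting `json:"sighting"`
	Signature string   `json:"signature"` // hex Ed25519 signature over canonical JSON
}

func actorID(host, slug string) string { return fmt.Sprintf("https://%s/orgs/%s", host, slug) }

// canonical is the byte string that is signed: encoding/json emits struct
// fields in declaration order, so sender and receiver serialise identically.
func canonical(s Sighting) []byte {
	b, _ := json.Marshal(s)
	return b
}

// Enable is the org owner's deliberate switch: the org gets a keypair and an
// actor document, and until then it has no key to sign anything with.
func (in *Instance) Enable(slug string) (Actor, error) {
	if _, on := in.Keys[slug]; on {
		return Actor{}, errors.New("federation already enabled for " + slug)
	}
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return Actor{}, err
	}
	in.Keys[slug] = priv
	return Actor{ID: actorID(in.Host, slug), Slug: slug, PublicKey: hex.EncodeToString(pub)}, nil
}

// Announce signs a sighting for an org this instance hosts and has enabled.
func (in *Instance) Announce(slug, pkg, digest string) (SignedSighting, error) {
	priv, on := in.Keys[slug]
	if !on {
		return SignedSighting{}, errors.New("federation not enabled for " + slug)
	}
	s := Sighting{Actor: actorID(in.Host, slug), Package: pkg, Digest: digest}
	return SignedSighting{Sighting: s, Signature: hex.EncodeToString(ed25519.Sign(priv, canonical(s)))}, nil
}

// Verify is the receiving side. fetchedFrom is the host the actor document was
// dereferenced from: the key must come from the origin the sighting claims,
// not from whoever delivered the message, and the signature must check out.
func Verify(ss SignedSighting, actor Actor, fetchedFrom string) error {
	if ss.Sighting.Actor != actor.ID {
		return errors.New("sighting names an actor other than the document presented")
	}
	if !strings.HasPrefix(actor.ID, "https://"+fetchedFrom+"/") {
		return errors.New("actor document was not fetched from the actor's own host")
	}
	pub, err := hex.DecodeString(actor.PublicKey)
	if err != nil || len(pub) != ed25519.PublicKeySize {
		return errors.New("malformed public key in actor document")
	}
	sig, err := hex.DecodeString(ss.Signature)
	if err != nil {
		return err
	}
	if !ed25519.Verify(ed25519.PublicKey(pub), canonical(ss.Sighting), sig) {
		return errors.New("signature does not verify under the named org's key")
	}
	return nil
}

func main() {
	a := &Instance{Host: "a.example", Keys: map[string]ed25519.PrivateKey{}}
	actor, _ := a.Enable("acme")
	ss, _ := a.Announce("acme", "pkg:npm/example@1.0.0", "sha256:0123abcd") // constructed values
	fmt.Println("genuine announce:", Verify(ss, actor, "a.example"))
	ss.Sighting.Digest = "sha256:ffff"
	fmt.Println("altered in transit:", Verify(ss, actor, "a.example"))
}
```

The origin check in `Verify` is the part that matters for "no spoofed origins": a signature proves a message came from whoever holds the key, but only tying the key to the host named in the actor id stops a peer from presenting its own key as someone else's. Real ActivityPub deployments carry this as an HTTP Signature whose `keyId` is dereferenced the same way.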
Nothing leaves by accident
Sharing a private or embargoed finding takes a deliberate, explicit confirmation: this will reach every member of the sector and can't be unsent. No silent disclosure.
You govern what you share
Each org decides exactly which findings go into exactly which sectors — opt-in, per finding, by the org that owns it. Never a blanket switch.
Sectors vs. Athena: one coalition, or your own?
Athena is one coalition you're admitted to. Sectors let you run your own. In June 2026 Chainguard launched Athena, an industry coalition (BNY, Cisco, Cloudflare, JPMorganChase and around two dozen others) that finds open-source vulnerabilities, many with AI, fixes them before public disclosure, and ships hardened rebuilds to members. It operates at real scale. Sectors take the opposite shape: instead of petitioning to join a single central club, you convene your own private sharing networks, with exactly the partners you trust (your supply chain, your customers, an ISAC, your industry peers), on infrastructure you run or we host for you.
| Dimension | gastropod sectors | Chainguard Athena |
|---|---|---|
| Shape | Decentralized: you stand up your own sectors | Centralized: one coalition Chainguard operates |
| Who's in the network | You set the roster: suppliers, customers, an ISAC, peers | Chainguard admits vetted members |
| Joining | Form or join a sector when you want; no waiting to be let in | Vetted enterprise membership, by invitation |
| What's shared | Findings you choose, including private and embargoed, with attribution | AI-found OSS vulns, coordinated pre-disclosure |
| Where your data lives | Your instance (self-hosted or we host it); it stays yours | Contributed into the coalition; fixes delivered as hardened forks |
| Run it yourself | Yes | No; Chainguard-operated |
| Trust & control | gastropod.io verifies identities; you own the roster and the exit | Chainguard is the trust & distribution hub |
| Pre-disclosure patching at scale | Not its aim; sectors share intel and you remediate | Batch hardening and rebuilt forks |
| AI-based vulnerability scanning | Enables more effective use of your AI-based vulnerability scanning | Members surface vulns with AI (Glasswing / Daybreak) |
| Cuts redundant scanning | Shared findings travel with the artifact: vet once, reuse everywhere | Yes: consume pre-hardened, rebuilt packages |
| Plugs into your scanners & agents | BYOS ingest in any format, plus MCP artifact orchestration | Members' AI programs feed the coalition |
Not direct substitutes, and not mutually exclusive: run your own sectors and still pull hardened images from any provider you want. Athena is one central coalition that hardens upstream open source at scale; sectors are the sovereign alternative for sharing your intelligence with exactly the partners you choose, keeping your data, identity, and roster on your side of the wire. (Public broadcast, the @actor and @registry feeds above, is a separate, open layer; sectors are the private one.)