About Chalk

Chalk™ is an open-source project created by John Viega, and is the core engine that powers the Crash Override platform.

You can find the source code at https://gihub.com/crashappsec/chalk. We also provide free binary downloads on our release page.

Chalk captures metadata at build time, and can add a small 'chalk mark' to any artifacts, so they can be identified in production. Chalk can also extract chalk marks and collect additional metadata about the operating environment when it does this.


Using Chalk, you can build a graph connecting development and production, so that devops engineers understand what is happening in the development process, and so that developers can understand what is happening in the infrastructure. With this information they can work better together. Visibility into development and production also enables security engineers to better manage risk.

We publish how-tos that use chalk to solve specific problems on this documentation site. These can be found in the side-bar navigation.

Getting started

We recommend first reading the user guide and then following the getting started guide.

Note : full documentation is also available directly inside the CLI.