We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype
We regularly write about what we're working on; here are some recent blog posts:
- Anchore Enterprise 5.19: Automated STIG Compliance and Flexible Scanning for Modern DevSecOps (1 day ago)
- Anchore Achieves AWS Security Competency & Launches Anchore Enterprise AMI (1 week ago)
- Time to Take Another Look at Grype: A Year of Major Improvements (2 weeks ago)
- How to Use Anchore & DefectDojo to Stand Up Your DevSecOps Function (2 weeks ago)
- SPDX 3.0: From Software Inventory to System Risk Orchestration (2 weeks ago)
We discuss our open source tools on Discourse. Here are some recent topics:
- July 10th | Open Source Gardening | Live Stream (3 days ago)
- Anchore Open Source Weekly Report - Week 26, 2025 (3 days ago)
- The Shifting Landscape of Software Delivery and Vulnerability Tracking (5 days ago)
- Grype - v0.95.0 released (1 week ago)
- Syft - v1.28.0 released (1 week ago)
