We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype
We regularly write about what we're working on; here are some recent blog posts:
- Easyjson and foreign influence, should we panic? (today)
- EU CRA SBOM Requirements: Overview & Compliance Tips (2 days ago)
- SBOMs as the Crossroad of the Software Supply Chain: Anchore Learning Week (Day 5) (6 days ago)
- How the US Navy Approaches DevSecOps with Raise 2.0 (1 week ago)
- SBOM Insights on LLMs, Compliance Attestations and Security Mental Models: Anchore Learning Week (Day 4) (1 week ago)
We discuss our open source tools on Discourse. Here are some recent topics:
- Grype - v0.92.0 released (1 day ago)
- Syft - v1.24.0 released (1 day ago)
- Unable to use html template when using grype in a container in a jenkins job to scan docker images (2 days ago)
- May 15th | Open Source Gardening | Live Stream (3 days ago)
- Anchore Open Source Weekly Report - Week 19, 2025 (3 days ago)