We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype
We regularly write about what we're working on; here are some recent blog posts:
- NPM Supply Chain Breach Response for Anchore Enterprise and Grype Users (2 days ago)
- DevOpsDays Washington, DC (3 days ago)
- Navigating the New Compliance Frontier (4 days ago)
- Sabel Systems Leverages Anchore SBOM and SECURE to Scale Compliance While Reducing Vulnerability Review Time by 75% (1 week ago)
- Establishing Continuous Compliance with Anchore & Chainguard: Automating Container Security (1 week ago)
We discuss our open source tools on Discourse. Here are some recent topics:
- Should I create a template, or just post-process to get an SPDX SBOM containing PURLs only? (2 days ago)
- Update: Raise in false positives due to missing NVD overrides (2 days ago)
- September 11th | Open Source Gardening | Live Stream (3 days ago)
- Adding support for container first distro: 0-deb (4 days ago)
- Anchore Open Source Weekly Report - Week 36, 2025 (5 days ago)
