We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype
We regularly write about what we're working on; here are some recent blog posts:
- Anchore Enterprise Q4 release: File System Scanning, BYOS Policy, Vulnerability Search (1 day ago)
- Start Safe, Stay Secure: How Anchore and Chainguard Libraries Strengthen Software Supply Chains (2 days ago)
- NIST 2.0: Common Failures and Their Impact on Cybersecurity Resilience (3 days ago)
- 4 Lessons on the Future of Software Transparency from Steve Springett of CycloneDX (4 days ago)
- SBOM is an investment in the future (1 week ago)
We discuss our open source tools on Discourse. Here are some recent topics:
- Listing the image that is being scanned (1 week ago)
- PSA: No livestream next week (Nov 27th, 2025) (2 weeks ago)
- November 6 | Open Source Gardening | Live Stream (1 month ago)
- Does grype fully handle the Trivy based SBOM vulnerability analysis? (1 month ago)
- Does grype covers urls instead of version in npm? (1 month ago)
