Skip to content
@anchore

Anchore, Inc.

 Mastodon  Twitter   LinkedIn   Anchore Community Discourse 

Welcome 👋

We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype

Blog

We regularly write about what we're working on; here are some recent blog posts:

Community

We discuss our open source tools on Discourse. Here are some recent topics:

Pinned Loading

  1. syft syft Public

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems

    Go 7.1k 670

  2. grype grype Public

    A vulnerability scanner for container images and filesystems

    Go 10k 637

  3. scan-action scan-action Public

    Anchore container analysis and scan provided as a GitHub Action

    JavaScript 245 80

  4. sbom-action sbom-action Public

    GitHub Action for creating software bill of materials using Syft.

    TypeScript 188 31

  5. kubernetes-admission-controller kubernetes-admission-controller Public

    Service implementation for a Kubernetes Dynamic Webhook controller for interacting with Anchore

    Go 64 30

  6. anchore-charts anchore-charts Public

    Helm charts for Anchore tools and services

    Python 47 73

Repositories

Showing 10 of 89 repositories
  • stereoscope Public

    go library for processing container images and simulating a squash filesystem

    anchore/stereoscope’s past year of commit activity
    Go 99 Apache-2.0 50 19 9 Updated Jun 9, 2025
  • .github Public

    Anchore, Inc

    anchore/.github’s past year of commit activity
    0 0 0 0 Updated Jun 9, 2025
  • grype Public

    A vulnerability scanner for container images and filesystems

    anchore/grype’s past year of commit activity
    Go 9,973 Apache-2.0 637 283 20 Updated Jun 9, 2025
  • vulnerability-match-labels Public

    Labeled vulnerability-package match pairs used as ground truth to evaluate vulnerability scanners

    anchore/vulnerability-match-labels’s past year of commit activity
    Python 11 CC0-1.0 6 3 0 Updated Jun 9, 2025
  • homebrew-syft Public

    homebrew tap for syft

    anchore/homebrew-syft’s past year of commit activity
    Ruby 2 Apache-2.0 0 1 0 Updated Jun 9, 2025
  • syft Public

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems

    anchore/syft’s past year of commit activity
    Go 7,145 Apache-2.0 670 414 29 Updated Jun 9, 2025
  • sbom-action Public

    GitHub Action for creating software bill of materials using Syft.

    anchore/sbom-action’s past year of commit activity
    TypeScript 188 Apache-2.0 31 12 (1 issue needs help) 2 Updated Jun 9, 2025
  • grype-db Public
    anchore/grype-db’s past year of commit activity
    Go 50 Apache-2.0 21 10 7 Updated Jun 9, 2025
  • k8s-inventory Public

    Anchore Kubernetes Inventory can poll Kubernetes Cluster API(s) to tell Anchore Enterprise which Containers and Images are currently in-use

    anchore/k8s-inventory’s past year of commit activity
    Go 65 Apache-2.0 15 4 1 Updated Jun 9, 2025
  • vunnel Public

    Tool for collecting vulnerability data from various sources (used to build the grype database)

    anchore/vunnel’s past year of commit activity
    Python 97 Apache-2.0 32 31 (2 issues need help) 10 Updated Jun 9, 2025