We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype
We regularly write about what we're working on; here are some recent blog posts:
- The SBOM Paradox: Why ‘Useless’ Today Means Essential Tomorrow (2 days ago)
- SCA vs. SBOM: How They Differ & Why They Work Best as a Team (1 week ago)
- False Positives and False Negatives in Vulnerability Scanning: Lessons from the Trenches (2 weeks ago)
- NIS2 Compliance with SBOMs: a Scalable, Secure Supply Chain Solution (2 weeks ago)
- The True Cost of Compliance: Demonstrating the Value of Cybersecurity (3 weeks ago)
We discuss our open source tools on Discourse. Here are some recent topics:
- Grype - v0.93.0 released (2 days ago)
- Syft - v1.27.0 released (3 days ago)
- June 12th | Open Source Gardening | Live Stream (3 days ago)
- Anchore Open Source Weekly Report - Week 24, 2025 (3 days ago)
- PSA: No gardening live stream this week (1 week ago)