We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype
We regularly write about what we're working on; here are some recent blog posts:
- Anchore Achieves AWS Security Competency & Launches Anchore Enterprise AMI (today)
- Time to Take Another Look at Grype: A Year of Major Improvements (5 days ago)
- How to Use Anchore & DefectDojo to Stand Up Your DevSecOps Function (6 days ago)
- SPDX 3.0: From Software Inventory to System Risk Orchestration (1 week ago)
- How to Respond When Your Customers Require an SBOM (and Even Write It Into the Contract!) (2 weeks ago)
We discuss our open source tools on Discourse. Here are some recent topics:
- July 3rd | Open Source Gardening | Live Stream (1 day ago)
- Anchore Open Source Weekly Roundup, Week 26, 2025 (1 day ago)
- Errors when using the syft image in a Cloud pipeline (4 days ago)
- Another look at Grype - New Features (5 days ago)
- Database cleanup (1 week ago)