We are Anchore. Securing and managing the software supply chain. Proud parents of Syft and Grype
We regularly write about what we're working on; here are some recent blog posts:
- Anchore Achieves AWS Security Competency & Launches Anchore Enterprise AMI (1 week ago)
- Time to Take Another Look at Grype: A Year of Major Improvements (1 week ago)
- How to Use Anchore & DefectDojo to Stand Up Your DevSecOps Function (1 week ago)
- SPDX 3.0: From Software Inventory to System Risk Orchestration (2 weeks ago)
- How to Respond When Your Customers Require an SBOM (and Even Write It Into the Contract!) (3 weeks ago)
We discuss our open source tools on Discourse. Here are some recent topics:
- July 10th | Open Source Gardening | Live Stream (1 day ago)
- Anchore Open Source Weekly Report - Week 26, 2025 (1 day ago)
- The Shifting Landscape of Software Delivery and Vulnerability Tracking (3 days ago)
- Grype - v0.95.0 released (6 days ago)
- Syft - v1.28.0 released (6 days ago)