Grype v0.92.2 released 🎉
https://github.com/anchore/grype/releases/tag/v0.92.2
#opensource #sbom #security
New week, better scans! ✨ Grype got a fix for version prefix checks, making your vulnerability results even more accurate. And Syft now speaks PURL lists for better interoperability! 🔗 What else did we cook up? Check the "Last Week in OSS" report!
https://anchorecommunity.discourse.group/t/anchore-open-source-weekly-report-week-20-2025/437
Open source is undeniably a target for attackers, as seen with XZ and tj-actions/changed-files. However, the easyjson case highlights a crucial point: focusing solely on the origin of open-source projects is insufficient for risk assessment. We must prioritize Software Bill of Materials (SBOMs) and vulnerability scanning to ensure robust security. Tools like Syft and Grype can be invaluable here. Read an o... #opensource #security #SBOM #vulnerabilitymanagement #devsecops https://anchore.com/blog/easyjson-and-foreign-influence-should-we-panic/
19.5.2025 20:27Open source is undeniably a target for attackers, as seen with XZ and tj-actions/changed-files. However, the easyjson case highlights a...Grype v0.92.1 released 🎉
https://github.com/anchore/grype/releases/tag/v0.92.1
#opensource #sbom #security
Want to influence the direction of Grype? 🚀 Tell us how you use it and what improvements you'd like to see! Your feedback matters! Survey here: https://forms.gle/hvgpNeZadLfFhCf69
#Grype #Security #OpenSource
Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom https://www.youtube.com/live/OmCKISusDDs
15.5.2025 18:55Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom https://www.youtube.com/live/OmCKISusDDsGrype v0.92.0 released! Tons of good stuff in here! Upgrade today! v1.0 must be just around the corner! :)
https://anchorecommunity.discourse.group/t/grype-v0-92-0-released/431
Burning questions about SBOMs, Supply Chain & Container Security? Join our live stream Thursdays at 7 PM UK / 3 PM ET / 12 PM PT https://www.youtube.com/live/OmCKISusDDs
13.5.2025 02:07Burning questions about SBOMs, Supply Chain & Container Security? Join our live stream Thursdays at 7 PM UK / 3 PM ET / 12 PM PT...Hey, did you know grype has an "explain" option, that... "explains" vulnerabilities.
There's even a blog about it: https://anchore.com/blog/introducing-grype-explain/
#security #vulnerability
Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom https://www.youtube.com/playlist?list=PL4LF17QFqXYZsXvQUL8PWwSN0ZnthPRMm&playnext=1&index=1
8.5.2025 18:55Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom...Burning questions about SBOMs, Supply Chain & Container Security? Join our live stream Thursdays at 8PM UK / 3 PM ET / 12 PM PT https://www.youtube.com/playlist?list=PL4LF17QFqXYZsXvQUL8PWwSN0ZnthPRMm&playnext=1&index=1
7.5.2025 01:02Burning questions about SBOMs, Supply Chain & Container Security? Join our live stream Thursdays at 8PM UK / 3 PM ET / 12 PM PT...Stay updated with Grype! This week's Anchore OSS report highlights a key improvement in Golang PURL handling (PR #2586 by goatwu1993), enhancing vulnerability detection for Go projects.
See what else the Anchore OSS community achieved last week: https://anchorecommunity.discourse.group/t/anchore-open-source-weekly-report-week-18-2025/421
Want to influence the direction of Grype? 🚀 Tell us how you use it and what improvements you'd like to see! Your feedback matters! Survey here: https://forms.gle/hvgpNeZadLfFhCf69
#Grype #Security #OpenSource
Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom https://www.youtube.com/playlist?list=PL4LF17QFqXYZsXvQUL8PWwSN0ZnthPRMm&playnext=1&index=1
1.5.2025 18:55Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom...🧑💻 What's cookin' in Anchore OSS? This week: 18 issues/PRs tackled! 💥 Syft got smarter with .NET & Chrome, Grype fixed a critical vuln bug, and community heroes dropped perf & regex wins! 💪
Weekly digest is live: https://anchorecommunity.discourse.group/t/anchore-open-source-weekly-report-week-17-2025/416
#OpenSource #DevSecOps
Hey, did you know grype has an "explain" option, that... "explains" vulnerabilities.
There's even a blog about it: https://anchore.com/blog/introducing-grype-explain/
#security #vulnerability
Noticed some strange results from Grype v0.91.1? Our bad! 😬 Grype v0.91.2 is out now, fixing those pesky false positives. Update for cleaner scans!
https://github.com/anchore/grype/releases/tag/v0.91.2
New release: Grype v0.91.1 is out! 🐛 Packed with important bug fixes for improved vulnerability scanning accuracy and stability.
Check the changelog and upgrade!
#grype #security #devsecops
https://github.com/anchore/grype/releases/tag/v0.91.1
Spending time plumbing Syft & Grype into custom dashboards & policy engines on AWS than actually securing things? 😉 Our sponsors at Anchore packaged it all up in the Enterprise Cloud Image. Might save ya some hassle!
https://anchore.com/blog/introducing-the-anchore-enterprise-cloud-image/
#DevSecOps #SecurityAutomation #AWS
Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom https://anchorecommunity.discourse.group/t/april-24th-open-source-gardening-live-stream/410
24.4.2025 18:55Grab a beverage and join the Syft & Grype team livestream in 5 minutes! #security #sbom...⬆️
⬇️