anchore
Safeguard articles tagged "anchore" — guides, analysis, and best practices for software supply chain and application security.
10 articles
What is a Software Bill of Materials (SBOM) — definitions...
What is an SBOM? A plain-language breakdown of definitions, contents, formats (SPDX vs CycloneDX), compliance drivers, and real use cases like Log4Shell and xz-utils.
How to generate an SBOM with free open source tools
Free tools like Syft and Trivy can generate an SBOM in minutes. Here's exactly how, where open source tooling stops scaling, and how Safeguard fills the gap.
How Syft scans software to generate SBOMs (under-the-hood...
A deep look at Syft's under-the-hood scanning mechanics — catalogers, binary classifiers, layer squashing, and SBOM formats — and where the single-scan model breaks down at fleet scale.
What is Software Supply Chain Security (SSCS)?
SolarWinds, Log4Shell, and the XZ Utils backdoor show why supply chain security now means more than SBOMs. Here's what SSCS actually covers—and where Anchore's approach falls short.
Best practices for securing the software supply chain
From the xz backdoor to SolarWinds, real incidents show why SBOMs, build provenance, and continuous monitoring matter more than scanning alone.
Anchore's approach to DevSecOps (case for shift-left secu...
How Anchore's devsecops approach uses SBOMs and shift-left scanning to catch vulnerabilities early, and why runtime visibility still matters.
Grype v0.108 Release Notes Walkthrough
Anchore's Grype shipped v0.108.0 in late 2025 with the new vulnerability database v6 schema, distroless support fixes, and a tightened CPE matcher.
Syft v1.20 Release: Faster Scans, Smarter License Detection
Anchore's Syft v1.20 ships a refactored license cataloger, Bitnami SBOM passthrough, and a 2x speedup on filesystem scans. We tested the upgrade on five real codebases.
Anchore Syft: The Go-To Open Source SBOM Generator
A thorough review of Anchore's Syft SBOM generation tool, covering supported formats, language ecosystems, container scanning, and integration patterns.
Generating SBOMs with Syft: The Complete Guide
Syft is the most popular open-source SBOM generator. Here's how to use it effectively for containers, directories, archives, and CI/CD pipelines.