In this blog post we will delve into the OWASP Top 10 Web Application Security Vulnerabilities, exploring each security risk in detail

Anchore Open Source Weekly Report This report covers the community activity in Anchore Open Source Projects from September 1, 2025 to September 5, 2025. Executive Summary The Anchore Open Source ecosystem delivered steady progress this week with 11 issues and pull requests resolved across the project portfolio. Development efforts focused on infrastructure improvements and vulnerability detection reliability, with notable enhancements to Grype’s unaffected package handling and database query op...

Join our weekly *Open Source Security* live stream! Watch Anchore's Developer Relations and Engineering teams collaborate in real-time on crucial *Software Supply Chain Security* tools. This session focuses on improving *Syft* (for *SBOM* generation) and *Grype* (for *vulnerability scanning*), addressing community-raised issues and pull requests. Every Thursday, "Open Source Gardening" offers a transparent look into maintaining popular *open source security* projects. We'll dive into items marked 'needs discussion' and, time permitting, tackle other interesting contributions. Learn development best practices, understand the challenges of *SBOM* accuracy, and see how *vulnerability scanning* tools evolve. Whether you're a contributor, user, or just curious about *open source security*, tune in to learn and engage with the minds behind Anchore's OSS tools. *Agenda:* - Discuss and resolve issues/PRs tagged 'needs discussion'. - Tackle other high-priority or interesting community contributions for Syft, Grype, and related projects. *Resources & Learn More:* - Learn about SBOMs: [Link to Anchore's SBOM pillar page/guide if available] - Dive into Software Supply Chain Security: [Link to relevant Anchore pillar page/blog if available] - Syft on GitHub: https://github.com/anchore/syft - Grype on GitHub: https://github.com/anchore/grype - Join the Community Discussion: https://anchore.com/discourse - All Anchore Open Source Projects: https://github.com/anchore - Sign-up for the OSS Newsletter: https://get.anchore.com/anchore-community/ #OpenSourceSecurity #SBOM #SoftwareSupplyChainSecurity

Learn about popular open source vulnerability scanners, and how using them alongside secure base images like Minimus simplifies vulnerability management.

Join our weekly *Open Source Security* live stream! Watch Anchore's Developer Relations and Engineering teams collaborate in real-time on crucial *Software Supply Chain Security* tools. This session focuses on improving *Syft* (for *SBOM* generation) and *Grype* (for *vulnerability scanning*), addressing community-raised issues and pull requests. Every Thursday, "Open Source Gardening" offers a transparent look into maintaining popular *open source security* projects. We'll dive into items marked 'needs discussion' and, time permitting, tackle other interesting contributions. Learn development best practices, understand the challenges of *SBOM* accuracy, and see how *vulnerability scanning* tools evolve. Whether you're a contributor, user, or just curious about *open source security*, tune in to learn and engage with the minds behind Anchore's OSS tools. *Agenda:* - Discuss and resolve issues/PRs tagged 'needs discussion'. - Tackle other high-priority or interesting community contributions for Syft, Grype, and related projects. *Resources & Learn More:* - Learn about SBOMs: [Link to Anchore's SBOM pillar page/guide if available] - Dive into Software Supply Chain Security: [Link to relevant Anchore pillar page/blog if available] - Syft on GitHub: https://github.com/anchore/syft - Grype on GitHub: https://github.com/anchore/grype - Join the Community Discussion: https://anchore.com/discourse - All Anchore Open Source Projects: https://github.com/anchore - Sign-up for the OSS Newsletter: https://get.anchore.com/anchore-community/ #OpenSourceSecurity #SBOM #SoftwareSupplyChainSecurity

Anchore Open Source Weekly Report This report covers the community activity in Anchore Open Source Projects from August 11, 2025 to August 17, 2025. Executive Summary The Anchore Open Source ecosystem experienced steady development momentum this week with 30 issues and pull requests successfully resolved across the project portfolio. Community engagement was particularly notable with important contributions including modernized GoReleaser configurations and critical bug fixes for OpenSSL versio...

The next frontier in cyber defense technology and its double-edged potential

Join our weekly *Open Source Security* live stream! Watch Anchore's Developer Relations and Engineering teams collaborate in real-time on crucial *Software Supply Chain Security* tools. This session focuses on improving *Syft* (for *SBOM* generation) and *Grype* (for *vulnerability scanning*), addressing community-raised issues and pull requests. Every Thursday, "Open Source Gardening" offers a transparent look into maintaining popular *open source security* projects. We'll dive into items marked 'needs discussion' and, time permitting, tackle other interesting contributions. Learn development best practices, understand the challenges of *SBOM* accuracy, and see how *vulnerability scanning* tools evolve. Whether you're a contributor, user, or just curious about *open source security*, tune in to learn and engage with the minds behind Anchore's OSS tools. *Agenda:* - Discuss and resolve issues/PRs tagged 'needs discussion'. - Tackle other high-priority or interesting community contributions for Syft, Grype, and related projects. *Resources & Learn More:* - Learn about SBOMs: [Link to Anchore's SBOM pillar page/guide if available] - Dive into Software Supply Chain Security: [Link to relevant Anchore pillar page/blog if available] - Syft on GitHub: https://github.com/anchore/syft - Grype on GitHub: https://github.com/anchore/grype - Join the Community Discussion: https://anchore.com/discourse - All Anchore Open Source Projects: https://github.com/anchore - Sign-up for the OSS Newsletter: https://get.anchore.com/anchore-community/ #OpenSourceSecurity #SBOM #SoftwareSupplyChainSecurity

This report covers the community activity in Anchore Open Source Projects from July 28, 2025 to August 1, 2025. Executive Summary Week 31 delivered steady progress across the Anchore ecosystem with 21 issues and pull requests successfully resolved. The week was marked by infrastructure modernization efforts, including the migration to GolangCI-Lint v2 by community contributor Carlos Tadeu Panato Junior, and comprehensive install URL migrations across multiple repositories. The team addressed cr...

YouTube video by SecPoint - Best Cyber Security

This report covers the community activity in Anchore Open Source Projects from July 21, 2025 to July 27, 2025. Executive Summary Week 30 proved to be exceptionally productive for the Anchore ecosystem, with 22 issues and pull requests successfully resolved across the project portfolio. The highlight of the week was the long-awaited integration of snap package scanning support in Grype, addressing a community request that had been pending since 2022. Additionally, comprehensive Red Hat Enterpris...

This report covers the community activity in Anchore Open Source Projects from July 14, 2025 to July 18, 2025. Executive Summary The Anchore Open Source ecosystem delivered strong progress this week with 22 issues and pull requests successfully resolved across the project portfolio. A standout achievement was the long-awaited integration of Python UV lock file support in Syft, fulfilling a community request that had been in development for several months. The team also prioritized security infr...

This report covers the community activity in Anchore Open Source Projects from July 14, 2025 to July 18, 2025. Executive Summary The Anchore Open Source ecosystem delivered strong progress this week with 22 issues and pull requests successfully resolved across the project portfolio. A standout achievement was the long-awaited integration of Python UV lock file support in Syft, fulfilling a community request that had been in development for several months. The team also prioritized security infr...

Join our weekly *Open Source Security* live stream! Watch Anchore's Developer Relations and Engineering teams collaborate in real-time on crucial *Software Supply Chain Security* tools. This session focuses on improving *Syft* (for *SBOM* generation) and *Grype* (for *vulnerability scanning*), addressing community-raised issues and pull requests. Every Thursday, "Open Source Gardening" offers a transparent look into maintaining popular *open source security* projects. We'll dive into items marked 'needs discussion' and, time permitting, tackle other interesting contributions. Learn development best practices, understand the challenges of *SBOM* accuracy, and see how *vulnerability scanning* tools evolve. Whether you're a contributor, user, or just curious about *open source security*, tune in to learn and engage with the minds behind Anchore's OSS tools. *Agenda:* - Discuss and resolve issues/PRs tagged 'needs discussion'. - Tackle other high-priority or interesting community contributions for Syft, Grype, and related projects. *Resources & Learn More:* - Learn about SBOMs: [Link to Anchore's SBOM pillar page/guide if available] - Dive into Software Supply Chain Security: [Link to relevant Anchore pillar page/blog if available] - Syft on GitHub: https://github.com/anchore/syft - Grype on GitHub: https://github.com/anchore/grype - Join the Community Discussion: https://anchore.com/discourse - All Anchore Open Source Projects: https://github.com/anchore - Sign-up for the OSS Newsletter: https://get.anchore.com/anchore-community/ #OpenSourceSecurity #SBOM #SoftwareSupplyChainSecurity

Find out why now is the best time for a vulnerability scanner comparison. Discover the advancements in Grype's features and performance.