Open Source & Anchore
This collection of powerful tools for secure development are open source and free to all.
At Anchore, they are the foundation for everything that we build.
Anchore Toolbox
Spotlight on Syft And Grype

Syft
Syft generates a comprehensive Software Bill of Materials (SBOM) you can use to track dependencies in your project - or discover something you didn't know was hidden within someone else's.

Grype
Using Grype, you can quickly generate a list of known vulnerabilities that exist within a container image or project directory. Install the Visual Studio Code extension and it'll scan in the background while you code.
Open Source Is Who We Are
At Anchore, we believe that software is the key to solving our greatest problems, no matter what they are. Software development as we know it would not be possible without open source developers or their projects.
We believe the essential tools for secure development should be available to everyone. That is why open source is part of every decision we make.
Anchore Enterprise
Anchore Enterprise builds on top of our open source projects to deliver a continuous compliance and security solution that supports your software development lifecycle with full commercial support from Anchore.