Live SBOM & Security Fixes: Anchore Devs Improve Syft & Grype (September 18th)
Join our weekly *Open Source Security* live stream! Watch Anchore's Developer Relations and Engineering teams collaborate in real-time on crucial *Software Supply Chain Security* tools. This session focuses on improving *Syft* (for *SBOM* generation) and *Grype* (for *vulnerability scanning*), addressing community-raised issues and pull requests.
Every Thursday, "Open Source Gardening" offers a transparent look into maintaining popular *open source security* projects. We'll dive into items marked 'needs discussion' and, time permitting, tackle other interesting contributions. Learn development best practices, understand the challenges of *SBOM* accuracy, and see how *vulnerability scanning* tools evolve. Whether you're a contributor, user, or just curious about *open source security*, tune in to learn and engage with the minds behind Anchore's OSS tools.
*Agenda:*
- Discuss and resolve issues/PRs tagged 'needs discussion'.
- Tackle other high-priority or interesting community contributions for Syft, Grype, and related projects.
*Resources & Learn More:*
- Syft on GitHub: https://github.com/anchore/syft
- Grype on GitHub: https://github.com/anchore/grype
- Join the Community Discussion: https://anchore.com/discourse
- All Anchore Open Source Projects: https://github.com/anchore
- Sign-up for the OSS Newsletter: https://get.anchore.com/anchore-community/
#OpenSourceSecurity #SBOM #SoftwareSupplyChainSecurity
https://www.youtube.com/watch?v=9xbpxA4DSNY