New release! Take control of your software supply chain with Anchore SBOM. Anchore Enterprise now allows you to:
- Import external SBOMs (BYOS)
- Validate SBOM quality
- Centrally manage SBOMs
- Identify and prioritize vulnerabilities
- All in one platform. Find out more: #Anchore #SBOMManagement #ApplicationSecurity

70% of software uses open source, but only 15% of organizations are confident in their risk management. Attend our launch webinar to see how Anchore SBOM can help! We'll demo SBOM management, vulnerability prioritization, and more. Register here: https://go.anchore.com/introducing-anchore-sbom.html #OpenSourceSecurity #Webinar #Anchore

Anchore extends its container security offering with Bring Your Own SBOM support! Anchore SBOM provides a centralized platform for viewing, managing, and analyzing SBOMs, giving organizations comprehensive visibility into their software supply chains. Learn more about how you can identify and mitigate security and compliance risks: https://anchore.com/news/anchore-releases-bring-your-own-sbom/ #SBOM #SoftwareSupplyChain #Anchore

Announcing Anchore SBOM! Gain comprehensive visibility & transparency into your software supply chain with our new capabilities in Anchore Enterprise. Manage internal and external SBOMs in a single location to track software supply chain issues and meet compliance requirements. Learn more here: #SBOM #SoftwareSupplyChain #Security #Anchore

Stop shifting security left, start shifting *right* in your EKS environments! As your Kubernetes workloads scale across Amazon EKS clusters, maintaining continuous visibility becomes increasingly challenging, yet critically important.
Our upcoming webinar on May 20 with Bion Consulting explores the power of Anchore's Kubernetes Runtime Inventory with real-time insights security, policy and compliance ... https://get.anchore.com/shift-right-security-for-eks-anchore/ #ShiftRightSecurity #EKS #Kubernetes #CloudNativeSecurity #Anchore

Let's level up our EKS security game! Join our hands-on webinar on "Shift Right Security for EKS" with Bion Consulting and Anchore. Learn practical techniques to identify and remediate vulnerabilities in your scaling EKS applications. We will focus on:
- Kubernetes Runtime Inventory and why it matters for container security
- How to install and configure Anchore's Runtime Inventory on Amazon EKS
- How Anch... https://get.anchore.com/shift-right-security-for-eks-anchore/ #EKS #KubernetesSecurity #DevSecOps #Anchore #SecurityWebinar

Last week product news are still 🔥 #Anchore Enterprise is now available as a pre-built AMI on #AWS. This new Cloud Image simplifies deployment and offers fast and immediate best in class #containerscanning. Available in various regions and #GovCloud. Details on the blog https://anchore.com/blog/introducing-the-anchore-enterprise-cloud-image/

ICYMI #Anchore Enterprise Cloud Image on #AWS is now available. We feature streamlined deployment for #containerscanning and #compliance, ideal for smaller teams and projects. Also included are integrated compliance policy packs. Get best in class container scanning with jut a few clicks through our intelligent cloud image manager.
Learn more on the blog https://anchore.com/blog/introducing-the-anchore-enterprise-cloud-image/

🚨 Product News! We're introducing a new way to deploy Anchore Enterprise on #AWS: the #Anchore Enterprise Cloud Image. This pre-built AMI (available in multiple AWS regions, including #GovCloud) offers fast and immediate best in class container security:
- Simplified Deployment
- Easy Configuration
- Optimized Cost & Performance
- Integrated Compliance Packs
Designed for smaller teams and projects that want to implement container scanning and compliance workflows in t... https://anchore.com/blog/introducing-the-anchore-enterprise-cloud-image/

We're excited to share a new tool, sbom-vm, that simplifies VM security analysis. It addresses the challenges of generating SBOMs from virtual machines by directly working with disk images. Read the blog to learn how it works: https://anchore.com/blog/making-virtual-machine-security-analysis-easier-with-sbom-vm/
#SBOM #VMsecurity #Anchore

#Harbor seamlessly integrates with #Anchore Enterprise for added transparency and security in the supply chain. In a show and well on Feb 19 our customer success engineers are demoing:
- comprehensive #vulnerability scanning and #policy enforcement for #containers
- automation of scans for continuous #monitoring
- tips for maximizing registry config security and efficiency
Register Now https://get.anchore.com/anchore-and-harbor-increase-supply-chain-transparency/

Vulnerability free air-gapped deployments just got easier! 🌐 With #Anchore Data Service (ADS), a single file download, and one CLI command is all you need. Details: https://anchore.com/blog/anchore-enterprise-fall-product-update-2024 #AirGap

🔥 Join us on October 16 at 10am PT for an exclusive look at the new Anchore Data Service! Neil Levine, SVP of Product, and Alan Pope, Director of Developer Relations, will demo the new features in Anchore Enterprise 5.10, including automated vulnerability data updates for air-gapped environments. https://get.anchore.com/introducing-the-anchore-data-service/ #Cybersecurity #Anchore #VulnerabilityManagement

In the pod Linux Matters ep 30, Alan Pope told that NIST has stopped/paused to add "metadata" to eg CVE vulnerability reports in their NVD data base. In the unclear situation, Anchore weher Alan works, has initiated something open source and asks other to join to fill the gap.

All is outside of my competence area but appears to be interesting/critical/concern.

Ref Anchor blog post and pod:
https://linuxmatters.sh/30/
https://anchore.com/blog/national-vulnerability-database-opaque-changes-and-unanswered-questions/
#security #vulnerability #NIST #Anchore #CVE #nvd

Lets see if these supply-chain companies are willing to compromise on their product to do right by the volunteers that maintain them.

https://github.com/anchore/grype/pull/1152

I sorta knew implementing the parser for them was going to be a mistake on my end...

#grype #anchore #SupplyChain #linux #ArchLinux