Syft11h ago
Syft users! 📣 We want to hear from YOU! Take our quick 5-question survey to help shape the future of Syft. Your feedback is invaluable! 👉 https://forms.gle/VJZ7idKZgchminYD7
#Syft #SBOM #OpenSource
anchore1d ago

FedRAMP is moving faster than ever. With the new "FedRAMP 20x" initiative and the shift toward Rev 5, the days of manual spreadsheets and quarterly reviews are gone.
If you're managing containerized workloads, the 30-day scanning window isn't just a suggestion—it's a requirement for your ATO.

Are you prepared for the new pace of federal compliance?

We've compiled the most common questions into our FedR... https://anchore.com/fedramp/fedramp-overview/
#FedRAMP #DevSecOps #SBOM #NIST #Cybersecurity #PublicSectorIT

Grype3d ago
Join the Anchore Open Source team this Thursday at 12 PM PT for our live stream! We'll cover issues, PRs, & roadmap. https://www.youtube.com/watch?v=diRrt9HJRZU #SBOM #Vulnerability
Syft3d ago
Join the Anchore Open Source team this Thursday at 12 PM PT for our live stream! We'll cover issues, PRs, & roadmap. https://www.youtube.com/watch?v=diRrt9HJRZU #SBOM #Vulnerability
Max Mehl3d ago

RE: https://social.anoxinon.de/@gnulinux/116289467985502963

Beim GNU/Linux-Podcast spreche ich über Software-Lieferketten, SBOMs u.v.m. im Kontext der Deutschen Bahn. Also nicht nur, was das ist, sondern wie wir damit auch sinnvoll umgehen können und was das mit Engagement in Open-Source-Projekten zu tun hat.

#DeutscheBahn #CRA #SBOM #SupplyChain #Podcast

All Things Open3d ago

🚀 NEW on We ❤️ Open Source 🚀

Dependency debt is more than an engineering nuisance. It directly affects how quickly teams can respond to security threats.

Artem Karasev argues that patchability should be designed into software from the start, with better dependency choices, stronger visibility, and faster validation.

https://allthingsopen.org/articles/designing-software-that-can-be-patched-before-it-needs-to-be

#WeLoveOpenSource #OpenSource #Security #SBOM

anchore5d ago

Supply chain attacks ↗️ 742% in 2023

Your traditional security stack wasn't built for this fight.

SBOM-first architecture changes everything ⚡

https://anchore.com/platform/

#SoftwareSupplyChain #SBOM #CyberSecurity

anchore5d ago

Ingesting thousands of third-party SBOMs is great…until you actually need to find one during an audit. 🔍 Anchore 5.25 adds advanced filters (Name, Version, Type) so your security teams can instantly pinpoint the exact assets they need.

https://anchore.com/blog/anchore-enterprise-5-25/

#DevSecOps #SBOM

anchore5d ago

Shift-left compliance checking ⬅️

Catch violations before deployment, not during audits 🛡️

https://anchore.com/platform/enforce/

#SoftwareSupplyChain #SBOM #CyberSecurity #Compliance

Nordic Software Security SummiMar 26

Register today for this unique conference focusing on the EU Cyber Resilience Act! Let's meet in Stockholm April 8-10 to discuss, learn and build networks.

https://nsss.se

#CRA #EUCRA #APPSEC #cybersecurity #SBOM