Grype – Experimental News Clipping Site

Anchore: Analyzing the top MCP Docker Containers

Oct 2, 2025

—

by

Source URL: https://anchore.com/blog/analyzing-the-top-mcp-docker-containers/ Source: Anchore Title: Analyzing the top MCP Docker Containers Feedly Summary: If you pay attention to the world of AI, you’ll have noticed that Model Context Protocol (MCP) is a very popular topic right now. The Model Context Protocol is an open standard that enables developers to build secure, two-way connections between…

Anchore: Can an LLM Really Fix a Bug? A Start-to-Finish Case Study

Sep 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/can-an-llm-really-fix-a-bug-a-start-to-finish-case-study/ Source: Anchore Title: Can an LLM Really Fix a Bug? A Start-to-Finish Case Study Feedly Summary: The software industry faces a growing problem: we have far more open issues than we have contributors multiplied by available time. Every project maintainer knows this pain. We certainly recognize this across our open source tools…

Anchore: Strengthening Software Security: The Anchore and Chainguard Partnership

Sep 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/chainguard-partnership/ Source: Anchore Title: Strengthening Software Security: The Anchore and Chainguard Partnership Feedly Summary: In 2018, Anchore partnered with the US Air Force on Platform One, a project focused on integrating DevSecOps principles into government software development. A core part of that project was the launch of the Iron Bank, a repository of…

Anchore: NPM Supply Chain Breach Response for Anchore Enterprise and Grype Users

Sep 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/npm-supply-chain-breach-response-for-anchore-enterprise-and-grype-users/ Source: Anchore Title: NPM Supply Chain Breach Response for Anchore Enterprise and Grype Users Feedly Summary: On September 8, 2025 Anchore was made aware of an incident involving a number of popular NPM packages to insert malware. The technical details of the attack can be found in the Aikido blog post: npm…

Docker: Secure by Design: A Shift-Left Approach with Testcontainers, Docker Scout, and Hardened Images

Aug 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.docker.com/blog/a-shift-left-approach-with-docker/ Source: Docker Title: Secure by Design: A Shift-Left Approach with Testcontainers, Docker Scout, and Hardened Images Feedly Summary: In today’s fast-paced world of software development, product teams are expected to move quickly: building features, shipping updates, and reacting to user needs in real-time. But moving fast should never mean compromising on quality…

Anchore: Anchore is Excited to Announce it’s Inclusion in the IBM PDE Factory: An Open Source-Powered Secure Software Development Platform

Jul 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/anchore-is-excited-to-announce-its-inclusion-in-the-ibm-pde-factory-an-open-source-powered-secure-software-development-platform/ Source: Anchore Title: Anchore is Excited to Announce it’s Inclusion in the IBM PDE Factory: An Open Source-Powered Secure Software Development Platform Feedly Summary: Powered by Anchore’s Syft & Grype, IBM’s Platform Development Environment Factory delivers DevSecOps-as-a-Service for federal agencies seeking operational readiness without the integration nightmare. Federal agencies are navigating a…

Anchore: Time to Take Another Look at Grype: A Year of Major Improvements

Jun 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/time-to-take-another-look-at-grype-a-year-of-major-improvements/ Source: Anchore Title: Time to Take Another Look at Grype: A Year of Major Improvements Feedly Summary: If you last tried Grype a year ago and haven’t checked back recently, you’re in for some pleasant surprises. The past twelve months have significantly improved the accuracy and performance of our open source vulnerability…

Anchore: False Positives and False Negatives in Vulnerability Scanning: Lessons from the Trenches

May 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/false-positives-and-false-negatives-in-vulnerability-scanning/ Source: Anchore Title: False Positives and False Negatives in Vulnerability Scanning: Lessons from the Trenches Feedly Summary: When Good Scanners Flag Bad Results Imagine this: Friday afternoon, your deployment pipeline runs smoothly, tests pass, and you’re ready to push that new release to production. Then suddenly: BEEP BEEP BEEP – your vulnerability…

Anchore: Generating SBOMs for JavaScript Projects: A Developer’s Guide

Mar 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/javascript-sbom-generation/ Source: Anchore Title: Generating SBOMs for JavaScript Projects: A Developer’s Guide Feedly Summary: Let’s be honest: modern JavaScript projects can feel like a tangled web of packages. Knowing exactly what’s in your final build is crucial, especially with rising security concerns. That’s where a Software Bill of Materials (SBOM) comes in handy…

Anchore: Contributing to Vulnerability Data: Making Security Better for Everyone

Mar 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://anchore.com/blog/contributing-to-vulnerability-data-making-security-better-for-everyone/ Source: Anchore Title: Contributing to Vulnerability Data: Making Security Better for Everyone Feedly Summary: Software security depends on accurate vulnerability data. While organizations like NIST maintain the National Vulnerability Database (NVD), the sheer volume of vulnerabilities discovered daily means that sometimes data needs improvement. At Anchore, we’re working to enhance this ecosystem…

Tag: Grype