Welcome to Anchore Open Source

Anchore Open Source Software (OSS) is a suite of tools for Software Bill of Materials (SBOM) Generation, Vulnerability Scanning, License Scanning, and Vulnerability Database management.

Start by going to the project overview of Anchore OSS to learn more about the basic concepts and functions.

For information about generating SBOMs:

Get started with vulnerability scanning

Scan SBOMs or containers for licenses used:

Reference information

OSS release notes:

Note: Many topics have nested sub-topics in the navigation pane to the left that become visible when you click a topic.

Installing the Tools

The tools are available in many common distribution channels. The full list of official and community maintained packages can be found on the installation page.

Using the Tools

We have “Getting Started” user guides for SBOM Generation with Syft, Vulnerability Scanning with Grype, and License Scanning.

Developing

Developers also have Contribution Guides for all of our open source tools and libraries.

Projects

Overview of Anchore Open Source tools.

User Guides

Contributing

Guidelines for developing & contributing to Anchore Open Source projects

Installation

Official and community maintained packages of Anchore OSS Tools

Reference

Reference for Anchore OSS Tools

About

About Anchore OSS and its community

Release Notes

Information about recent Anchore OSS releases

Last modified September 29, 2025: add python tests and tooling (c00b34a)