Today we announced Anchore Enterprise 3.2 that can identify vulnerabilities, #security risks, misconfigurations and bad practices to help develop secure cloud-native #software applications. hubs.li/H0YQ61B0 #DevSecOps

Having all of your knowledge available in one place is a massive time saver and productivity booster. Continually and organically capture proprietary knowledge.

Trying to find log4j in your Java project? Syft can do this, and it even fits in a tweet! syft dir:my-java-project | grep log4j github.com/anchore/syft We still have plenty of room in this tweet, so also go check out Grype

New InfoWorld article by our VP of security @joshbressers explains how to detect #Log4j vulnerability in your applications using Syft and Grype. hubs.li/Q010FXcV0 #Log4shell #opensource

Today kicks off the CISO Summit at Half Moon Bay. Stop by the Anchore booth to learn about #software supply chain #security and register to win an espresso machine.

This makes it easy for Go projects to create an SBOM!

Syft can discover Java packages in LOTS of places to find #log4j. We just added support for diving into more kinds of archives, like .tgz, .tar.xz, .tar.bz, .zip, etc. (the list is long!) Just use the config option SYFT_PACKAGE_SEARCH_UNINDEXED_ARCHIVES

Our second episode of Upstream: The Software Supply Chain Security Podcast just dropped. @joshbressers and I talk with @Oxfraq about why software supply chain security keeps him up at night and what to do about it. buzzsprout.com/1913318/100141…

Should we have a poll to decide whether Grype should support reading SPDX or CycloneDX next? Just kidding, the new release already supports them both! You can now run a #vulnerability scan against SPDX and CycloneDX SBOM Spec (OWASP) #SBOM documents. 💪 anchore.com/sbom/grype-sup…

Big news: #SBOM generation just landed in Docker Desktop — powered by Syft! $ docker sbom anchore.com/sbom/docker-sb…

The world has one social media company controlled by a billionaire. Not sure why we need another. Not convinced the first one is going so well for society.

Really excited to share the collaboration between Docker and Anchore with you at #DockerCon '22. Join Justin Cormack and I for a great talk, and bring questions!!! #sbom #containers Register here if you haven't yet: bit.ly/3jFGyIb

We're making it even easier for Docker users to create SBOMs!

These kinds of mass shootings rarely happen elsewhere in the world. Why are we willing to live with this carnage? Why do we keep letting this happen? Where in God’s name is our backbone to have the courage to deal with it? It’s time to turn this pain into action.

Great to see Syft listed as an SBOM tool in the new Thoughtworks Technology Radar! thoughtworks.com/en-us/radar/te… Anchore

5 days until #Devoxx2022 in #Belgium! Come and meet the #Vaadiners at booth 28. We'll have awesome swag for you to take home and don't forget to join our #giveaway 😉 Register to hear Leif Åstrand's talk on "Multi-player Enterprise Applications". bit.ly/3Syu6JT

I regularly complain on the lack of full-stack framework for Java. There are great backend frameworks, but frontend always felt as second class citizen involving glueing together 3rd party libraries. This isn't true anymore. Check hillaframework 👉 hilla.dev

We're excited to reveal the winners of the 2023 Vaadin Collaboration Kit Challenge! 🎉 Thank you to everyone who participated and took the time to design and build incredible collaborative web apps! See the winners: bit.ly/3IURW06

Interesting that Github Copilot is losing $20 per user on its current cost of $10 a month. This article indicates that MSFT wants to make the processing costs cheaper with new chips, but I would guess that the price of Github Copilot is likely to go up. thurrott.com/cloud/290661/r…

I just updated my Apple Watch to the latest OS and the new weather app has accessibility issues. The white text on the light blue and green ring is impossible to read. Please fix! Apple #accessibility #design #fail