SlideShare a Scribd company logo
1 of 27
Tracking License Compliance Made
Easy - Intro to Grant (OSS)
Christopher Phillips
Software Engineer
Anchore
Daniel Nurmi
CTO
Anchore
Housekeeping
01
02
03
All participant lines are muted
Questions will be accepted throughout, enter questions via Q&A panel
You will receive a follow-up email with a link to the recording
04 Please respond to poll questions as they are appear on your screen
Anchore | Software Supply Chain Management
Anchore | Software Supply Chain Management
Securing your
software supply chain
with a frictionless
developer experience
that optimizes velocity
Your DevOps Process
Run
Deploy
Test
Build
Develop
Source
Agenda
Introductions
01
02 Open Source License Headaches
03 Automating License Lists and their Component Associations
04 Q&A
Consumers Need More Than Your Product
That Thing…
This is a good problem to have
Usually only have to do when you’ve gained a customer, however…
Go From This
To This
To This
v1.0
v2.0
To This
v3.0
v1.0
v2.0
To This
v2.0.1
v1.0
v2.0
v3.0
This seems more complicated than it should be…
v2.0.1
v1.0
v2.0
v3.0
Challenges when manually building that sheet
● Often lots of repeatable work that’s
hard to persist over changes
● Better for machines to recognize
the actual license ID
● Context of the reviewer on if
licenses should be accepted as is
or if SPDX the statement has
wiggle room
Challenges when building bespoke specialized tooling
● Works for only certain images
and hard when application
requirements change
● Scaling into different processes
is hard and requires more
development time
● Always switching contexts
between delivering for the
customer and delivering
compliance and process
How do we move towards a generalized SBOM path?
Introducing Grant!
Combining Tools for Best Results
Remove Developers From The Interruption Path
Github Actions Workflow
-
SBOM -> Licenses
-
Single Dispatch
Single Click - Packages and Licenses
-
Anchore Enterprise
Software Composition Analysis from Code to Cloud
Cloud-native
Focus
Fast scanning of containerized applications, at scale
High Fidelity SBOMs to identify OSS dependencies and security issues
Multi-stage scanning across Git, CI/CD, Registry, and Kubernetes
Open Source
Centric
End to End
Coverage
Controls for NIST, FedRAMP, DISA and more.
Compliance
Automation
Anchore Enterprise
Software Composition Analysis from Code to Cloud
Cloud-native
Focus
Fast scanning of containerized applications, at scale
High Fidelity SBOMs to identify OSS dependencies and security issues
Multi-stage scanning across Git, CI/CD, Registry, and Kubernetes
Open Source
Centric
End to End
Coverage
Controls for NIST, FedRAMP, DISA and more.
Compliance
Automation
Next Steps
Get started with Grant today and contribute
https://github.com/anchore/grant
Join our community Slack
https://get.anchore.com/join-anchore-community/
Next community meeting
https://github.com/anchore/syft?tab=readme-ov-file#join-
our-community-meetings
Learn more about Anchore Enterprise
https://anchore.com/platform
Thank you for joining!
Schedule a demo of our platform at get.anchore.com/demo-request

More Related Content

Similar to Tracking license compliance made easy - intro to Grant (OSS)

Introducing Continuous Integration Using Vsts
Introducing Continuous Integration Using VstsIntroducing Continuous Integration Using Vsts
Introducing Continuous Integration Using VstsMohamed Samy
 
Accelerate User Driven Innovation [Webinar]
Accelerate User Driven Innovation [Webinar]Accelerate User Driven Innovation [Webinar]
Accelerate User Driven Innovation [Webinar]Dynatrace
 
Enterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast PresentationEnterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast PresentationCompuware
 
Data Engineer's Lunch #68: DevOps Fundamentals
Data Engineer's Lunch #68: DevOps FundamentalsData Engineer's Lunch #68: DevOps Fundamentals
Data Engineer's Lunch #68: DevOps FundamentalsAnant Corporation
 
Agile Code Reviews: Supporting collaboration and improving production uptime ...
Agile Code Reviews: Supporting collaboration and improving production uptime ...Agile Code Reviews: Supporting collaboration and improving production uptime ...
Agile Code Reviews: Supporting collaboration and improving production uptime ...Atlassian
 
Dops 1033 dev-ops_review_final
Dops 1033 dev-ops_review_finalDops 1033 dev-ops_review_final
Dops 1033 dev-ops_review_finalDaniel Berg
 
Salesforce cicd integration a quick guide
Salesforce cicd integration a quick guideSalesforce cicd integration a quick guide
Salesforce cicd integration a quick guideKaty Slemon
 
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”Emerasoft, solutions to collaborate
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsAmazon Web Services
 
Make Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastMake Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastXebiaLabs
 
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform EnvironmentsDeployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform EnvironmentsIBM UrbanCode Products
 
Continuous Everything
Continuous EverythingContinuous Everything
Continuous EverythingAndrea Tino
 
[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...
[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...
[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...WSO2
 
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...Siva Rama Krishna Chunduru
 
Agility and Control from AWS [FutureStack16]
Agility and Control from AWS [FutureStack16]Agility and Control from AWS [FutureStack16]
Agility and Control from AWS [FutureStack16]New Relic
 
DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020Cyber-Duck
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks Ulf Mattsson
 

Similar to Tracking license compliance made easy - intro to Grant (OSS) (20)

Introducing Continuous Integration Using Vsts
Introducing Continuous Integration Using VstsIntroducing Continuous Integration Using Vsts
Introducing Continuous Integration Using Vsts
 
Accelerate User Driven Innovation [Webinar]
Accelerate User Driven Innovation [Webinar]Accelerate User Driven Innovation [Webinar]
Accelerate User Driven Innovation [Webinar]
 
Enterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast PresentationEnterprise DevOps and the Modern Mainframe Webcast Presentation
Enterprise DevOps and the Modern Mainframe Webcast Presentation
 
Data Engineer's Lunch #68: DevOps Fundamentals
Data Engineer's Lunch #68: DevOps FundamentalsData Engineer's Lunch #68: DevOps Fundamentals
Data Engineer's Lunch #68: DevOps Fundamentals
 
Agile Code Reviews: Supporting collaboration and improving production uptime ...
Agile Code Reviews: Supporting collaboration and improving production uptime ...Agile Code Reviews: Supporting collaboration and improving production uptime ...
Agile Code Reviews: Supporting collaboration and improving production uptime ...
 
DevOps on AWS
DevOps on AWSDevOps on AWS
DevOps on AWS
 
Dops 1033 dev-ops_review_final
Dops 1033 dev-ops_review_finalDops 1033 dev-ops_review_final
Dops 1033 dev-ops_review_final
 
DevOps Delivery Pipeline
DevOps Delivery PipelineDevOps Delivery Pipeline
DevOps Delivery Pipeline
 
Salesforce cicd integration a quick guide
Salesforce cicd integration a quick guideSalesforce cicd integration a quick guide
Salesforce cicd integration a quick guide
 
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
Webinar: “Continuous Delivery: il tuo primo passo verso il DevOps”
 
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer ToolsDevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
DevOps on AWS: Deep Dive on Continuous Delivery and the AWS Developer Tools
 
Make Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the PastMake Software Audit Nightmares a Thing of the Past
Make Software Audit Nightmares a Thing of the Past
 
Webinar : Microservices and Containerization
Webinar : Microservices and ContainerizationWebinar : Microservices and Containerization
Webinar : Microservices and Containerization
 
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform EnvironmentsDeployment Automation for Hybrid Cloud and Multi-Platform Environments
Deployment Automation for Hybrid Cloud and Multi-Platform Environments
 
Continuous Everything
Continuous EverythingContinuous Everything
Continuous Everything
 
[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...
[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...
[WSO2Con EU 2017] Continuous Integration, Delivery and Deployment: Accelerate...
 
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
DevOps For Everyone: Bringing DevOps Success to Every App and Every Role in y...
 
Agility and Control from AWS [FutureStack16]
Agility and Control from AWS [FutureStack16]Agility and Control from AWS [FutureStack16]
Agility and Control from AWS [FutureStack16]
 
DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020DevOps CTO Masterclass | Webinar Oct. 2020
DevOps CTO Masterclass | Webinar Oct. 2020
 
How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks How to go from waterfall app dev to secure agile development in 2 weeks
How to go from waterfall app dev to secure agile development in 2 weeks
 

Recently uploaded

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...AliaaTarek5
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPathCommunity
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxLoriGlavin3
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfLoriGlavin3
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfpanagenda
 

Recently uploaded (20)

Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
(How to Program) Paul Deitel, Harvey Deitel-Java How to Program, Early Object...
 
UiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to HeroUiPath Community: Communication Mining from Zero to Hero
UiPath Community: Communication Mining from Zero to Hero
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptxPasskey Providers and Enabling Portability: FIDO Paris Seminar.pptx
Passkey Providers and Enabling Portability: FIDO Paris Seminar.pptx
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Moving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdfMoving Beyond Passwords: FIDO Paris Seminar.pdf
Moving Beyond Passwords: FIDO Paris Seminar.pdf
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdfSo einfach geht modernes Roaming fuer Notes und Nomad.pdf
So einfach geht modernes Roaming fuer Notes und Nomad.pdf
 

Tracking license compliance made easy - intro to Grant (OSS)

  • 1. Tracking License Compliance Made Easy - Intro to Grant (OSS) Christopher Phillips Software Engineer Anchore Daniel Nurmi CTO Anchore
  • 2. Housekeeping 01 02 03 All participant lines are muted Questions will be accepted throughout, enter questions via Q&A panel You will receive a follow-up email with a link to the recording 04 Please respond to poll questions as they are appear on your screen
  • 3. Anchore | Software Supply Chain Management Anchore | Software Supply Chain Management Securing your software supply chain with a frictionless developer experience that optimizes velocity Your DevOps Process Run Deploy Test Build Develop Source
  • 4. Agenda Introductions 01 02 Open Source License Headaches 03 Automating License Lists and their Component Associations 04 Q&A
  • 5. Consumers Need More Than Your Product
  • 7. This is a good problem to have Usually only have to do when you’ve gained a customer, however…
  • 13. This seems more complicated than it should be… v2.0.1 v1.0 v2.0 v3.0
  • 14. Challenges when manually building that sheet ● Often lots of repeatable work that’s hard to persist over changes ● Better for machines to recognize the actual license ID ● Context of the reviewer on if licenses should be accepted as is or if SPDX the statement has wiggle room
  • 15. Challenges when building bespoke specialized tooling ● Works for only certain images and hard when application requirements change ● Scaling into different processes is hard and requires more development time ● Always switching contexts between delivering for the customer and delivering compliance and process
  • 16. How do we move towards a generalized SBOM path?
  • 18. Combining Tools for Best Results
  • 19. Remove Developers From The Interruption Path
  • 23. Single Click - Packages and Licenses -
  • 24. Anchore Enterprise Software Composition Analysis from Code to Cloud Cloud-native Focus Fast scanning of containerized applications, at scale High Fidelity SBOMs to identify OSS dependencies and security issues Multi-stage scanning across Git, CI/CD, Registry, and Kubernetes Open Source Centric End to End Coverage Controls for NIST, FedRAMP, DISA and more. Compliance Automation
  • 25. Anchore Enterprise Software Composition Analysis from Code to Cloud Cloud-native Focus Fast scanning of containerized applications, at scale High Fidelity SBOMs to identify OSS dependencies and security issues Multi-stage scanning across Git, CI/CD, Registry, and Kubernetes Open Source Centric End to End Coverage Controls for NIST, FedRAMP, DISA and more. Compliance Automation
  • 26. Next Steps Get started with Grant today and contribute https://github.com/anchore/grant Join our community Slack https://get.anchore.com/join-anchore-community/ Next community meeting https://github.com/anchore/syft?tab=readme-ov-file#join- our-community-meetings Learn more about Anchore Enterprise https://anchore.com/platform
  • 27. Thank you for joining! Schedule a demo of our platform at get.anchore.com/demo-request