I chat with Alan Pope about the open source security tools Syft, Grype, and Grant. These tools help create Software Bills of Materials (SBOMs) and scan for vulnerabilities. Learn why generating and storing SBOMs is crucial for understanding your software supply chain and quickly responding to new threats like Log4Shell. The show notes and blog post for this episode can be found at <a href= "https://opensourcesecurity.io/2025/2025-04-syft-grype-grant-alan-pope/"> https://opensourcesecurity.io/2025/2025-04-syft-grype-grant-alan-pope/</a>

I chat with Alan Pope about the open source security tools Syft, Grype, and Grant. These tools help create Software Bills of Materials (SBOMs) and scan for vulnerabilities. Learn why generating and storing SBOMs is crucial for understanding your software supply chain and quickly responding to new threats like Log4Shell. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-04-syft-grype-grant-alan-pope/

I chat with Alan Pope about the open source security tools Syft, Grype, and Grant. These tools help create Software Bills of Materials (SBOMs) and scan for vulnerabilities. Learn why generating and storing SBOMs is crucial for understanding your software supply chain and quickly responding to new threats like Log4Shell. The show notes and blog post for this episode can be found at <a href="https://opensourcesecurity.io/2025/2025-04-syft-grype-grant-alan-pope/" rel="noopener noreferrer"> https://opensourcesecurity.io/2025/2025-04-syft-grype-grant-alan-pope/</a>

Syft, Grype, and Grant with Alan Pope

Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform educate both developers and users on how open source security works.

There’s a lot of good work happening that doesn’t get attention because there’s no marketing department behind it, they don’t have a developer relations team posting on LinkedIn every two hours. Let’s focus on those people and teams then learn what they do and how they do it. The goal is to hear from the people doing the work, they know what’s up, they have a lot to teach us. We just have to listen.

Technology

Open Source Security is a media project to help showcase and educate on open source security. Our goal is to give the community a platform educate both developers and users on how open source security works. There’s a lot of good work happening that doesn’t get attention because there’s no marketing department behind it, they don’t have a developer relations team posting on LinkedIn every two hours. Let’s focus on those people and teams then learn what they do and how they do it. The goal is to hear from the people doing the work, they know what’s up, they have a lot to teach us. We just have to listen.

Share Syft, Grype, and Grant with Alan Pope

Sign up to save your podcasts

Syft, Grype, and Grant with Alan Pope

Syft, Grype, and Grant with Alan Pope

More shows like Open Source Security

Security Now (Audio)

Risky Business

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

The Changelog: Software Development, Open Source

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

LINUX Unplugged

Hacked

CyberWire Daily

Late Night Linux

Smashing Security

Darknet Diaries

Hacking Humans

Defense in Depth

2.5 Admins

Risky Bulletin