Reno, NV – August 24, 2022 – Sylabs, a provider of container technology and services for performance-intensive workloads, today announced it has collaborated with Anchore to bring Syft Software Bill of Materials (SBOM) support to Singularity containers.
Developed and maintained by Anchore, a software supply chain security company, Syft is an open source tool for generating SBOMs. With SBOMs, organizations can give their users deep visibility into the contents of container images, so that the software supply chain can be secured proactively. The new capability comes after months of collaboration between Sylabs and Anchore to add support for the Singularity Image Format (SIF) to Syft through the stereoscope library. Users of Singularity and Syft will also be able to use Grype, Anchore’s vulnerability scanner for container images and filesystems. With Grype, developers can quickly scan SBOMs for vulnerabilities, helping ensure that the container is free of known flaws that could be exploited for malicious purposes.
“The collaboration between Anchore and Sylabs provides users of the Singularity container runtime the ability to create and store an SBOM as an independent operation,” said Daniel Nurmi, CTO of Anchore. “With the rise in software supply chain security attacks, the need for generating and managing SBOMs has become critical in creating a strong security posture against vulnerabilities and malicious actors. This collaboration gives users in the HPC arena visibility into Singularity containers to ensure they are secure and compliant.”