Syft

A command-line tool and Go library that generates Software Bill of Materials (SBOMs) from container images and filesystems to identify packages and dependencies for security analysis.

Available Pages

Syft: Generate Accurate SBOMs for Containers & Filesystems

Learn how Syft generates accurate Software Bills of Materials (SBOMs) from your containers and filesystems. Discover why Syft works better and get started with installation.

Related Technologies

Competition

tern

Direct competitors

cyclonedx generator

Direct competitors

kubernetes bom

Can replace or substitute

microsoft sbom tool

Direct competitors

spdx sbom generator

Direct competitors

trivy

Direct competitors

distro2sbom

Can replace or substitute

Integration

Compatible With

grype

Works well together

Integrates With

docker

Official integration support

Integrates With

github actions

Official integration support

Integrates With

jenkins

Official integration support

Integrates With

kubernetes

Official integration support

Integrates With

gitlab ci

Official integration support

Dependencies

go

Foundation technology

linux

Requires for operation

docker engine

Requires for operation

anchore enterprise

Provides core functionality