anchore / grypeLinks
A vulnerability scanner for container images and filesystems
☆9,893Updated this week
Alternatives and similar repositories for grype
Users that are interested in grype are comparing it to the libraries listed below
Sorting:
- CLI tool and library for generating a Software Bill of Materials from container images and filesystems☆7,044Updated this week
- Code signing and transparency for containers and binaries☆4,944Updated last week
- Vulnerability Static Analysis for Containers☆10,640Updated last week
- Cloud Native Runtime Security☆7,948Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆26,874Updated last week
- Tfsec is now part of Trivy☆6,825Updated 3 weeks ago
- Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.☆7,334Updated last week
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆11,689Updated this week
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆4,937Updated 3 weeks ago
- Hunt for security weaknesses in Kubernetes clusters☆4,865Updated last year
- The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and paylo…☆11,366Updated last week
- Vulnerability scanner written in Go which uses the data provided by https://osv.dev☆7,429Updated this week
- Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark☆7,458Updated this week
- yq is a portable command-line YAML, JSON, XML, CSV, TOML and properties processor☆13,454Updated 2 weeks ago
- Go library and CLIs for working with container registries☆3,371Updated this week
- The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…☆9,390Updated 7 months ago
- A service that analyzes docker images and scans for vulnerabilities☆1,586Updated 2 years ago
- GUAC aggregates software security metadata into a high fidelity graph database.☆1,364Updated this week
- The easiest, and most secure way to access and protect all of your infrastructure.☆18,562Updated this week
- 👀 A Kubernetes cluster resource sanitizer☆5,845Updated last week
- Work with remote images registries - retrieving information, images, signing content☆9,219Updated last week
- Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on p…☆4,777Updated 3 months ago
- Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security…☆10,781Updated 2 weeks ago
- contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...☆8,895Updated this week
- bootstrap K3s over SSH in < 60s 🚀☆6,636Updated last week
- Boundary enables identity-based access management for dynamic infrastructure.☆3,924Updated this week
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,304Updated this week
- Open Policy Agent (OPA) is an open source, general-purpose policy engine.☆10,296Updated this week
- Simple and flexible tool for managing secrets☆18,542Updated this week
- Find secrets with Gitleaks 🔑☆20,007Updated this week