Alternatives and similar repositories for syft:

Users that are interested in syft are comparing it to the libraries listed below

• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆9,670Updated this week
• sigstore / cosign
  Code signing and transparency for containers and binaries
  ☆4,848Updated this week
• falcosecurity / falco
  Cloud Native Runtime Security
  ☆7,796Updated this week
• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,579Updated last week
• aquasecurity / trivy
  Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
  ☆25,434Updated this week
• hashicorp / boundary
  Boundary enables identity-based access management for dynamic infrastructure.
  ☆3,914Updated this week
• aquasecurity / kube-bench
  Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
  ☆7,367Updated this week
• ossf / scorecard
  OpenSSF Scorecard - Security health metrics for Open Source
  ☆4,849Updated this week
• kubeshark / kubeshark
  The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and paylo…
  ☆11,296Updated this week
• containerd / nerdctl
  contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
  ☆8,705Updated this week
• goodwithtech / dockle
  Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
  ☆2,874Updated 3 months ago
• slsa-framework / slsa
  Supply-chain Levels for Software Artifacts
  ☆1,642Updated this week
• aquasecurity / kube-hunter
  Hunt for security weaknesses in Kubernetes clusters
  ☆4,844Updated last year
• DependencyTrack / dependency-track
  Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…
  ☆2,978Updated this week
• aquasecurity / tfsec
  Tfsec is now part of Trivy
  ☆6,802Updated last month
• anchore / anchore-engine
  A service that analyzes docker images and scans for vulnerabilities
  ☆1,587Updated 2 years ago
• alexellis / k3sup
  bootstrap K3s over SSH in < 60s 🚀
  ☆6,581Updated 2 months ago
• aquasecurity / tracee
  Linux Runtime Security and Forensics using eBPF
  ☆3,833Updated this week
• pomerium / pomerium
  Pomerium is an identity and context-aware access proxy.
  ☆4,207Updated this week
• tilt-dev / tilt
  Define your dev environment as code. For microservice apps on Kubernetes.
  ☆8,035Updated this week
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆11,472Updated this week
• cilium / tetragon
  eBPF-based Security Observability and Runtime Enforcement
  ☆3,888Updated this week
• hadolint / hadolint
  Dockerfile linter, validate inline bash, written in Haskell
  ☆10,846Updated 3 weeks ago
• smallstep / cli
  🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.
  ☆3,838Updated this week
• alexellis / arkade
  Open Source Marketplace For Developer Tools
  ☆4,361Updated last week
• google / go-containerregistry
  Go library and CLIs for working with container registries
  ☆3,319Updated last week
• bitnami-labs / sealed-secrets
  A Kubernetes controller and tool for one-way encrypted Secrets
  ☆8,101Updated this week
• tellerops / teller
  Cloud native secrets management for developers - never leave your command line for secrets.
  ☆2,990Updated 8 months ago
• cilium / hubble
  Hubble - Network, Service & Security Observability for Kubernetes using eBPF
  ☆3,731Updated last week
• gravitational / teleport
  The easiest, and most secure way to access and protect all of your infrastructure.
  ☆18,287Updated this week