Alternatives and similar repositories for trivy

Users that are interested in trivy are comparing it to the libraries listed below

• quay / clair
  Vulnerability Static Analysis for Containers
  ☆10,860Updated this week
• anchore / grype
  A vulnerability scanner for container images and filesystems
  ☆11,030Updated last week
• falcosecurity / falco
  Cloud Native Runtime Security
  ☆8,411Updated last week
• gitleaks / gitleaks
  Find secrets with Gitleaks 🔑
  ☆23,990Updated last week
• getsops / sops
  Simple and flexible tool for managing secrets
  ☆19,970Updated 2 weeks ago
• aquasecurity / kube-bench
  Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
  ☆7,820Updated this week
• anchore / syft
  CLI tool and library for generating a Software Bill of Materials from container images and filesystems
  ☆7,975Updated last week
• k3s-io / k3s
  Lightweight Kubernetes
  ☆31,394Updated this week
• slimtoolkit / slim
  Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it …
  ☆22,516Updated this week
• aquasecurity / kube-hunter
  Hunt for security weaknesses in Kubernetes clusters
  ☆4,968Updated last year
• grafana / loki
  Like Prometheus, but for logs.
  ☆26,972Updated this week
• google / osv-scanner
  Vulnerability scanner written in Go which uses the data provided by https://osv.dev
  ☆8,069Updated last week
• sigstore / cosign
  Code signing and transparency for containers and binaries
  ☆5,438Updated last week
• aquasecurity / tfsec
  Tfsec is now part of Trivy
  ☆6,925Updated 2 weeks ago
• future-architect / vuls
  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
  ☆11,833Updated this week
• open-policy-agent / opa
  Open Policy Agent (OPA) is an open source, general-purpose policy engine.
  ☆10,875Updated this week
• hashicorp / vault
  A tool for secrets management, encryption as a service, and privileged access management
  ☆33,488Updated last week
• goodwithtech / dockle
  Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
  ☆3,095Updated 10 months ago
• gravitational / teleport
  The easiest, and most secure way to access and protect all of your infrastructure.
  ☆19,422Updated this week
• moby / buildkit
  concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit
  ☆9,523Updated this week
• argoproj / argo-cd
  Declarative Continuous Deployment for Kubernetes
  ☆21,295Updated this week
• kubernetes-sigs / kind
  Kubernetes IN Docker - local clusters for testing Kubernetes
  ☆14,770Updated 3 weeks ago
• cert-manager / cert-manager
  Automatically provision and manage TLS certificates in Kubernetes
  ☆13,342Updated this week
• dagger / dagger
  An open-source runtime for composable workflows. Great for AI agents and CI/CD.
  ☆15,011Updated this week
• google / cadvisor
  Analyzes resource usage and performance characteristics of running containers.
  ☆18,568Updated 5 months ago
• docker / docker-bench-security
  The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…
  ☆9,527Updated last year
• semgrep / semgrep
  Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
  ☆13,431Updated this week
• runatlantis / atlantis
  Terraform Pull Request Automation
  ☆8,660Updated last week
• kubeshark / kubeshark
  The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and paylo…
  ☆11,572Updated this week
• traefik / traefik
  The Cloud Native Application Proxy
  ☆59,175Updated this week