grafeas VS vimp

Compare grafeas vs vimp and see what are their differences.

grafeas

Artifact Metadata API (by grafeas)
Suggest topics
Source Code
grafeas.io
Suggest alternative
Edit details

vimp

Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures. (by mchmarny)
Artifact Container Cve GCP Registry Vulnerability grype Snyk trivy
Source Code
Suggest alternative
Edit details
InfluxDB - Power Real-Time Data Analytics at Scale
Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
www.influxdata.com
featured
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com
featured
grafeas vimp
3 1
1,502 54
0.7% -
5.8 8.5
29 days ago 7 months ago
Go Go
Apache License 2.0 Apache License 2.0
The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

grafeas

Posts with mentions or reviews of grafeas. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-11-15.
  • Securing CI/CD Images with Cosign and OPA
    4 projects | dev.to | 15 Nov 2023
    Grafeas: While Grafeas offers a comprehensive solution for the software development lifecycle, it is not designed for public or open-source software (OSS) image verification. It's better suited for first-party integration, particularly with Google Kubernetes Engine (GKE).
  • Open source container scanning tool to find vulnerabilities and suggest best practice improvements?
    8 projects | /r/selfhosted | 15 Apr 2023
    https://github.com/grafeas/grafeas 1.4k stars, updated last week
  • Anyone else using Universal Resource Names (URN) for Asset Tracking and Automation?
    1 project | /r/devops | 23 Jan 2021
    Yes I have been looking at this notably related to relationships to vulnerabilities and leveraging grafeas. Which uses a resource uri to relate to a container but could equally be an os on a host. As we use azure, aws, google and have on premise I agree makes some sense to do this. My use case is somewhat easier as DNS names make some sense but the base part of resource has to indicate it is on premise and has to name space independent of the cloud so using the core company DNS name in a similar way the cloud providers do. Other than that looking to leverage many of concepts in grafeas.

vimp

Posts with mentions or reviews of vimp. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-04-15.

What are some alternatives?

When comparing grafeas and vimp you can also consider the following projects:

dagda - a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

notation - A CLI tool to sign and verify artifacts

trivy - Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

grype - A vulnerability scanner for container images and filesystems

clair - Vulnerability Static Analysis for Containers

grafeas vs dagda vimp vs dagda grafeas vs notation vimp vs trivy grafeas vs trivy vimp vs grype grafeas vs grype vimp vs clair