Open source container scanning tool to find vulnerabilities and suggest best practice improvements?

This page summarizes the projects mentioned and recommended in the original post on /r/selfhosted

  1. trivy

    Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

    https://github.com/aquasecurity/trivy 17k stars, updated 11 hours ago

  3. grype

    A vulnerability scanner for container images and filesystems

    https://github.com/anchore/grype 5.6k stars, updated 3 days ago

  4. vimp

    Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures. (by mchmarny)

    Something I saw recently was https://github.com/mchmarny/vimp which does vulnerability checking via multiple different tools; haven't used it too much yet but could be quite handy.

  5. clair

    Vulnerability Static Analysis for Containers

    https://github.com/quay/clair 9.4k stars, updated 17 hours ago

  6. grafeas

    Artifact Metadata API

    https://github.com/grafeas/grafeas 1.4k stars, updated last week

  7. dagda

    a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

    https://github.com/eliasgranderubio/dagda 1k stars, updated July 27th, 2021

NOTE: The number of mentions on this list indicates mentions on common posts plus user-suggested alternatives. Hence, a higher number means a more popular project.
