Our great sponsors
-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
vimp
Compare data from multiple vulnerability scanners to get a more complete picture of potential exposures. (by mchmarny)
-
-
-
dagda
a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
https://github.com/aquasecurity/trivy 17k stars, updated 11 hours ago
https://github.com/anchore/grype 5.6k stars, updated 3 days ago
Something I saw recently was https://github.com/mchmarny/vimp which does vulnerability checking via multiple different tools; haven't used it too much yet but could be quite handy.
https://github.com/quay/clair 9.4k stars, updated 17 hours ago
https://github.com/grafeas/grafeas 1.4k stars, updated last week
https://github.com/eliasgranderubio/dagda 1k stars, updated July 27th, 2021
Related posts
- General Docker Troubleshooting, Best Practices & Where to Go From Here
- I looked through attacks in my access logs. Here's what I found
- Launch HN: EdgeBit (YC W23) – live software vulnerability analysis
- Homelab vulnerability/virus scanner
- Building a software bill of materials (SBOM) using open source tools