Found a tool to locate log4j in containers!

This page summarizes the projects mentioned and recommended in the original post on /r/netsec
Containers Docker Go Golang Static Analysis

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • syft

    CLI tool and library for generating a Software Bill of Materials from container images and filesystems

  • grype

    A vulnerability scanner for container images and filesystems

    • It’s a tool to scan containers and create a SBOM (software bill of materials). It can work together with Grype to identify potential vulnerabilities, including log4shell. https://github.com/anchore/grype

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts