-
trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
-
syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
- Use trivy or grype with software installed without package manager (via tar) e.g. eclipse-temurin in the alpine version. The java executable gets unpacked into /opt but is not recognized.
https://github.com/aquasecurity/trivy/issues/2098
https://github.com/anchore/syft/issues/994
NOTE:
The number of mentions on this list indicates mentions on common posts plus user suggested alternatives.
Hence, a higher number means a more popular project.