Container scanners not scan software not added by package manager

InfluxDB - Power Real-Time Data Analytics at Scale

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

www.influxdata.com

featured

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

featured

trivy

83 21,443 9.8 Go

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

- Use trivy or grype with software installed without package manager (via tar) e.g. eclipse-temurin in the alpine version. The java executable gets unpacked into /opt but is not recognized.
https://github.com/aquasecurity/trivy/issues/2098

syft

32 5,495 9.8 Go

CLI tool and library for generating a Software Bill of Materials from container images and filesystems

https://github.com/anchore/syft/issues/994

InfluxDB

www.influxdata.com featured

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Suas imagens de container não estão seguras!

4 projects | dev.to | 20 Mar 2024
General Docker Troubleshooting, Best Practices & Where to Go From Here

3 projects | dev.to | 19 Jan 2024
Scanning and remediating vulnerabilities with Grype

1 project | dev.to | 19 Aug 2023
An Overview of Kubernetes Security Projects at KubeCon Europe 2023

17 projects | dev.to | 22 May 2023
Best vulnerability scanner for DevOps

2 projects | /r/devsecops | 19 May 2023

Container scanners not scan software not added by package manager

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Containers Docker Go Golang Security
Post date: 10 May 2022

trivy

syft

InfluxDB

Related posts

Suas imagens de container não estão seguras!

General Docker Troubleshooting, Best Practices & Where to Go From Here

Scanning and remediating vulnerabilities with Grype

An Overview of Kubernetes Security Projects at KubeCon Europe 2023

Best vulnerability scanner for DevOps

Container scanners not scan software not added by package manager

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com Containers Docker Go Golang Security Post date: 10 May 2022

trivy

syft

InfluxDB

Related posts

Suas imagens de container não estão seguras!

General Docker Troubleshooting, Best Practices & Where to Go From Here

Scanning and remediating vulnerabilities with Grype

An Overview of Kubernetes Security Projects at KubeCon Europe 2023

Best vulnerability scanner for DevOps

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Containers Docker Go Golang Security
Post date: 10 May 2022