Our great sponsors
A vulnerability scanner for container images and filesystems
I was also a bit confused and expected something like grype -https://github.com/anchore/grype
Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Static code analysis for 29 languages.. Your projects are multi-language. So is SonarQube analysis. Find Bugs, Vulnerabilities, Security Hotspots, and Code Smells so you can release quality code every time. Get started analyzing your projects today for free.
CLI for building apps using Cloud Native Buildpacks
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.
Is this Dockerfile ready for production? Is the container automatically secure?
3 projects | reddit.com/r/dotnet | 22 Oct 2022
What are the best tools for live container scanning?
1 project | reddit.com/r/devsecops | 16 Sep 2022
1 project | reddit.com/r/devopspro | 6 Aug 2022
📢 Grype v0.40.1 released and php support
1 project | dev.to | 24 Jun 2022
Show HN: Releasing Vulnerabilities of Open Source Software
2 projects | news.ycombinator.com | 21 May 2022