Grype is a vulnerability scanner for container images and filesystems with an easy to install binary that supports the packages for most major *nix based operating systems.
Features of Grype Vulnerability Scanner For Container Images & Filesystems
Scan the contents of a container image or filesystem to find known vulnerabilities and find vulnerabilities for major operating system packages in:
- Alpine
- BusyBox
- CentOS / Red Hat
- Debian
- Ubuntu
Find vulnerabilities for language-specific packages:
- Ruby (Bundler)
- Java (JARs, etc)
- JavaScript (NPM/Yarn)
- Python (Egg/Wheel)
- Python pip/requirements.txt/setup.py listings
Supports Docker and OCI image formats
Using Grype Vulnerability Scanner For Container Images & Filesystems
To scan for vulnerabilities in an image:
Grype can scan a variety of sources beyond those found in Docker.
The output format for Grype is configurable as well:
Where the formats available are:
- json: Use this to get as much information out of Grype as possible!
- cyclonedx: An XML report conforming to the CycloneDX 1.2 specification.
- table: A columnar summary (default).
You can download Grype here:
Or read more here.
0 comments:
Post a Comment