Grype is an open-source vulnerability scanner designed for container images and filesystems that seamlessly integrates with Syft, a powerful Software Bill of Materials (SBOM) tool.

Find vulnerabilities for major operating system packages: Alpine, Amazon Linux, BusyBox, CentOS, CBL-Mariner, Debian, Distroless, Oracle Linux, Red Hat (RHEL), Ubuntu, Wolfi.

Find vulnerabilities for language-specific packages: Ruby (Gems), Java (JAR, WAR, EAR, JPI, HPI), JavaScript (NPM, Yarn), Python (Egg, Wheel, Poetry, requirements.txt/setup.py files), Dotnet (deps.json), Golang (go.mod), PHP (Composer) …
The post Grype: Open-source vulnerability scanner for container images, filesystems appeared first on Help Net Security.