clair

Vulnerability scanner

Analyzes vulnerabilities in container images to improve security transparency

Vulnerability Static Analysis for Containers

GitHub

10k stars
226 watching
1k forks
Language: Go
last commit: 5 days ago
Linked from 6 awesome lists

claircontainersdockergokubernetesocioci-imagestatic-analysisvulnerabilities

Backlinks from these awesome lists:

Related projects:

Repository Description Stars
aquasecurity/trivy A comprehensive security scanner that identifies vulnerabilities and misconfigurations in various targets such as containers, code repositories, and infrastructure 24,010
anchore/grype A tool for detecting vulnerabilities in container images and filesystems 8,970
jasonumiker/clair-ecs-fargate A package and deployment guide for Clair image scanner on AWS ECS Fargate 27
edersonbrilhante/vilicus An open-source tool that orchestrates security scans of container images and centralizes the results into a database for analysis and metrics. 85
goharbor/harbor An open source registry project that stores and manages images in cloud-native environments 24,406
aquasecurity/trivy-action Automates vulnerability scanning of Docker images using Trivy 848
tomwillfixit/alpine-cvecheck Automates vulnerability scanning of Docker images at build time 10
teamssix/container-escape-check Detects potential vulnerabilities in Docker containers by checking for common escape methods 560
goodwithtech/dockle Automates security and best-practice checks for Docker images 2,804
dev-sec/cis-docker-benchmark A tool for automating security audits of Docker environments 490
nccgroup/whalescan A vulnerability scanner for Windows containers that performs benchmark checks and checks for CVEs/vulnerable packages on the container. 154
sea-erkin/log-snare A web application designed to simulate vulnerabilities and demonstrate the importance of proper validation and logging. 31
snyk/cli A command-line tool that scans and monitors software development projects for security vulnerabilities. 4,979
anchore/syft Generates detailed visibility into software packages and dependencies to manage vulnerabilities and license compliance. 6,371
scotty-c/dirty-cow-poc A proof-of-concept demonstrating the vulnerability of unsecured containers to privilege escalation attacks 12