
Was looking into this yesterday as I have a bunch of containers running on my media server. Found this tool: https://github.com/aquasecurity/trivy which allows you to easily scan your images for vulns. Anyone have other recs?



Anchore provides Grype https://github.com/anchore/grype


Nice. I like the (shortest) output of this one better. And as opposed to trivy, it was able to detect the packages (and 1 vuln) in ghcr.io/linuxserver/swag.


There is also Clair. https://github.com/quay/clair


Looks like a very good tool!

Shame it doesn't support Fedora. I'll definitely be checking it out.



