Grype
Fast open-source vulnerability scanner for container images and SBOMs
Grype is a fast, open-source vulnerability scanner from Anchore that finds known CVEs in container images and SBOMs generated by Syft. It matches packages against NVD, GitHub Security Advisories, and distro-specific vulnerability databases, providing severity ratings and fix version information. Grype integrates into CI pipelines to block builds with critical vulnerabilities, and its machine-readable JSON output enables custom policy enforcement in security gates.
Key Features
- ✓ CVE scanning
- ✓ SBOM integration
- ✓ Container image support
- ✓ NVD database
- ✓ CI/CD gates
- ✓ Open source
Quick Info
- Category: Security
- Pricing: Free
More Security Tools
Darktrace
Security: AI-powered cybersecurity platform that uses self-learning AI to detect and autonomously respond to cyber threats in real time.
CrowdStrike Charlotte AI
Security: CrowdStrike's generative AI security analyst that answers threat questions, investigates incidents, and accelerates response.
Vectra AI
Security: AI-driven threat detection and response platform that identifies attacker behavior across hybrid and multi-cloud environments.
Recorded Future AI
Security: AI-powered threat intelligence platform