grype: Vulnerability Scanner for images Container and filesystems


Grype is a vulnerability scanner for Container images and filesystems. Works with Syft, a powerful SBOM image management tool and filesystems.

grype

Characteristics

  • Scan the contents of an image container or file system to find vulnerabilities.
  • Find vulnerabilities in large packages of the following operating systems:
    • Alpine
    • Amazon linux
    • BusyBox
    • CentOS
    • Debian
    • Distroless
    • Oracle Linux
    • Red Hat (RHEL)
    • Ubuntu
  • Find vulnerabilities for specific language packs:
    • Ruby (Gems)
    • Java (JAR, WAR, EAR, JPI, HPI)
    • JavaScript (NPM, Yarn)
    • Python (Egg, Wheel, Poetry, requirements.txt / setup.py files)
  • Supports Docker and OCI image images

Installation

Recommended (macOS and Linux)

# install the latest version in / usr / local / bin 
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s --b / usr / local / bin

# install specific version on specific dir 
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s - b < SOME_BIN_PATH >  < RELEASE_VERSION >

Homebrew (macOS)

brew tap anchore / grype brew install grype

Program configuration

  • .grype.yaml
  • .grype / config.yaml
  • ~ / .grype.yaml
  • /grype/config.yaml

You can download the program from here.


Read them Technology News from all over the world, with the validity of iGuRu.gr

Follow us on Google News iGuRu.gr at Google news