g

grype

Developed by anchore

Grype is an open-source vulnerability scanner for container images, filesystems, and Software Bills of Materials (SBOMs), developed by Anchore. It efficiently scans for known vulnerabilities across major operating systems and language-specific packages. Grype supports threat prioritization utilizing EPSS, KEV, and risk scoring, and integrates with OpenVEX for scanning results filtering, making it highly optimized for secure DevOps and CI/CD pipelines.

  • Vulnerability scanning for container images, filesystems, and SBOMs
  • Broad support for major OS ecosystems and programming languages
  • Threat prioritization with EPSS, KEV, and risk scoring
  • OpenVEX support for advanced filtering of scan results
desktop