grype
Developed by anchore
Grype is an open-source vulnerability scanner for container images, filesystems, and Software Bills of Materials (SBOMs), developed by Anchore. It efficiently scans for known vulnerabilities across major operating systems and language-specific packages. Grype supports threat prioritization utilizing EPSS, KEV, and risk scoring, and integrates with OpenVEX for scanning results filtering, making it highly optimized for secure DevOps and CI/CD pipelines.
- Vulnerability scanning for container images, filesystems, and SBOMs
- Broad support for major OS ecosystems and programming languages
- Threat prioritization with EPSS, KEV, and risk scoring
- OpenVEX support for advanced filtering of scan results
desktop