TL;DR - Grype
- Grype is an open-source vulnerability scanner for container images and filesystems
- It scans for known vulnerabilities using multiple databases with fast results
- Completely free and open-source
Pricing: Free forever
Best for: Individuals & startups
Score: 84/100
Pricing
Free
View pricing Grype is completely free to use.
About Grype
Grype scans container images for vulnerabilities. Feed it an image, get back a list of known CVEs—container security scanning that fits into build pipelines.
The scanning is fast. The database updates regularly. Integration with CI is straightforward.
Container security starts with knowing what vulnerabilities exist. Grype provides that visibility in builds.
Reviews
No reviews yet. Be the first to review Grype!
Write a ReviewExplore More
Grype FAQ
Grype is completely free and open source from Anchore. You can scan unlimited container images at no cost.
Grype is a vulnerability scanner for container images and filesystems. It's fast, lightweight, and catches known CVEs in your dependencies.
Both are excellent open source container scanners. Grype is from Anchore, Trivy from Aqua. Both work well, so try each and pick your preference.