Skip to content
Toolradar
Grype logo

Grype

UnclaimedEditor reviewed

Vulnerability scanner for container images

SecurityTesting & QACI/CD
Visit Website
Tracked since2025
0 reviews tracked

The Bottom Line

Entry price

Free, no paid tier

Biggest pro

Open source vulnerability scanner

Biggest con

CLI only

TL;DR - Grype

  • Grype is an open-source vulnerability scanner for container images and filesystems
  • It scans for known vulnerabilities using multiple databases with fast results
  • Completely free and open-source
Pricing: Free forever
Best for: Individuals & startups

What is Grype?

Editorial review
Grype scans container images for vulnerabilities. Feed it an image, get back a list of known CVEs-container security scanning that fits into build pipelines. The scanning is fast. The database updates regularly. Integration with CI is straightforward. Container security starts with knowing what vulnerabilities exist. Grype provides that visibility in builds.

Available on: Web, macOS, Linux, Windows

how we evaluateSourcegithub.com

Pros & Cons

Pros

  • Open source vulnerability scanner
  • Container scanning
  • Fast
  • CI/CD integration
  • Active development

Cons

  • CLI only
  • Learning curve
  • Database updates needed
  • False positives possible
  • Enterprise features limited

Key Features

Vulnerability scanningContainer imagesSBOM supportCI/CD integrationOpen sourceAnchore

Pricing Plans

Open Source

Free

  • Full source code access
  • Apache License 2.0 license
  • Community support
  • Self-hosted
Calculate your costView full pricing

Reviews

Be the first to review Grype

Your take helps the next buyer. Verified LinkedIn reviewers get a badge.

Write a review

Best Grype Alternatives

Top alternatives based on features, pricing, and user needs.

Snyk logo
SnykFreemium

Secure your code, dependencies, containers, and IaC from dev to production

4.5
Aqua Security logo
Aqua SecurityPaid

Cloud native security for containers and Kubernetes

4.2
Clair logo
ClairFree

Static vulnerability analysis for containers

4.4
Trivy logo
TrivyFree

Security scanner for containers

4.3
See all Security tools →

Still deciding?

Most buyers shortlist 2 or 3 tools before committing. Pull a side-by-side comparison or browse the full alternatives shortlist below.

Grype vs SnykHead-to-head: features, pricing, who winsGrype vs Aqua SecurityHead-to-head: features, pricing, who winsGrype vs ClairHead-to-head: features, pricing, who wins

Explore More

Best Security ToolsBest Testing & QA ToolsBest CI/CD ToolsBest Free SecurityBest Free Testing & QABest Free CI/CD

Grype FAQ

Is Grype free?

Grype is completely free and open source from Anchore. You can scan unlimited container images at no cost.

What is Grype?

Grype is a vulnerability scanner for container images and filesystems. It's fast, lightweight, and catches known CVEs in your dependencies.

Grype vs Trivy?

Both are excellent open source container scanners. Grype is from Anchore, Trivy from Aqua. Both work well, so try each and pick your preference.

Source: github.com

Guides & Articles

Best Compliance Management Software in 2026

Expert guide

Best Secrets Management Tools in 2026

Expert guide